lcimeni / Kraken-Pro


NowSecure dynamic analysis: Sensitive Data: Surrounding WiFi Network SSID (Memory Dump) #66

Open lcimeni opened 3 years ago

lcimeni commented 3 years ago

Finding Description

A surrounding WiFi network SSID was recovered from non-persistent memory after the assessment completed. When an application is in use, user- or application-specific data may be stored in RAM and not properly cleared when the user logs out or the session times out. Because an application is stored in memory (even after use) until the memory is reclaimed, sensitive information may remain in memory. An attacker who finds or steals the device can attach a debugger and dump the memory from the application, or load a kernel module to dump the entire contents of RAM. The attacker would need physical access to the device, and the application would need to be logged in. Additionally, unless the footprint of the data (value or format) is known, it's extremely difficult to identify during analysis.

When managing passwords and other sensitive information, applications will keep that information in memory, even if the buffer is freed for some time. This can be a security problem if the application is prone to buffer overflow, format string, data leak and other vulnerabilities, which might allow an attacker to dump the memory of the process in order to recover that sensitive information. Additional information can be found at https://books.nowsecure.com/secure-mobile-development/en/coding-practices/securely-store-sensitive-data-in-ram.html.

Steps to Reproduce

This check searches through the RAM of the device for sensitive information after the application is finished running. It is important to note what state the app is in at the end of each pass to contextualize the data. This test is primarily used when an application is left logged in. If UI automation logs the user out, the results for this test are potentially not as meaningful.

Business Impact

The app is storing the user's WiFi information in temporary storage. If a device is lost or compromised someone might be able to access that information. This could be used to track where a person has been.

Remediation Resources

Variables that hold sensitive data should be set to null after they are no longer needed to allow garbage collectors to remove the information. Avoid using immutable objects for sensitive keys or passwords, such as Android's java.lang.String, and use a char array instead. Even if references to immutable objects are removed or nulled, they may remain in memory until garbage collection occurs (which cannot be forced by the app). More information and code snippets can be found on Android's website.

Handle encrypted sensitive data wherever possible to avoid risk of exposure.

Risk and Regulatory Information

Severity: low CVSS: 1.8

Application

See more detail in the NowSecure Report