From 47aae3b51b7aa03f44b173884ffef29c74cf253d Mon Sep 17 00:00:00 2001 From: Joseph Goydish II Date: Sat, 23 Aug 2025 00:30:14 -0400 Subject: [PATCH] Update and rename Technical Write Up to Technical Write Up.md --- Technical Write Up | 1 - Technical Write Up.md | 200 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 200 insertions(+), 1 deletion(-) delete mode 100644 Technical Write Up create mode 100644 Technical Write Up.md diff --git a/Technical Write Up b/Technical Write Up deleted file mode 100644 index 8b13789..0000000 --- a/Technical Write Up +++ /dev/null @@ -1 +0,0 @@ - diff --git a/Technical Write Up.md b/Technical Write Up.md new file mode 100644 index 0000000..c501395 --- /dev/null +++ b/Technical Write Up.md @@ -0,0 +1,200 @@ +# Improper Input Validation in Siri Shortcuts and Shared Web Credentials Enables Persistent Background Execution, Retry Storms, and Sandbox Extension Abuse + +**Date Discovered:** August 20, 2025 +**Discovered By:** Joseph Goydish II + +--- + +### Detection Context + +* **Device:** iPhone 14 pro max +* **OS Version:** iOS 18.6.2 +* **State:** Live, in-field (production environment) +* **Exploitation Status:** Proven, persistent, reproducible +* **Severity:** High +* **Proposed CVSS v4.0 Base Score:** 7.4 (High) + +--- + +### Executive Summary + +A vulnerability chain exists within Siri Shortcuts automation and the Shared Web Credentials (SWC) framework that enables malformed payloads to persistently execute in the background without validation or proper sandbox containment. + +Tested under real-world conditions, this vulnerability leads to: + +* Silent background execution of malformed workflows +* Unauthorized sandbox extension requests by system daemons +* Excessive retry storms (71+ attempts) in `swcd` +* TLS trust degradation (certificate mismatches ignored) +* Workflow persistence across device reboot and application relaunch + +These behaviors subvert Appleā€™s automation and trust enforcement models, introducing risks of denial of service, degraded credential validation, and stealthy persistence mechanisms. + +--- + +### Affected Components + +| Component | Description | +| ------------------------ | ---------------------------------------------------------- | +| com.apple.Shortcuts | Accepts malformed payloads and executes them | +| BackgroundShortcutRunner | Executes workflows silently in the background | +| com.apple.siriknowledged | Issues sandbox extension requests from malformed workflows | +| com.apple.swcd | Retries malformed JSON; tolerates TLS errors | +| searchd, symptomsd | Invoked without entitlement via chained payloads | +| iOS/macOS | All versions supporting Siri Shortcuts + SWC | + +--- + +### CWE Classification + +* CWE-20: Improper Input Validation +* CWE-184: Incomplete List of Disallowed Inputs +* CWE-307: Improper Restriction of Excessive Authentication Attempts +* CWE-284: Improper Access Control + +--- + +### Vulnerability Details + +**Issue:** Siri Shortcuts accepts malformed payloads containing null fields (e.g., `WFLinkEntityContentItem.title = null`) and executes workflows without rejection. + +#### 1. Improper Shortcut Parsing + +* Payload accepted despite missing required fields +* Log: + + ``` + Ignoring entity property '' because it doesn't have a title. + ``` + +#### 2. Silent Background Execution + +* Triggered without alert via `BackgroundShortcutRunner` + +#### 3. Retry Storms in `swcd` + +* Malformed JSON triggers 71 retry attempts +* TLS errors logged but ignored + + ``` + SWCERR00401 Bad JSON content -- {"cause":"invalid character '<'"} + SWCERR00303 TLS error -- certificate mismatch + ``` + +#### 4. Sandbox Extension Requests + +* Daemons request entitlements for malformed workflows +* Requests continue despite denial + +#### 5. Persistence + +* Workflows re-trigger on reboot or app relaunch +* Stored in `/var/mobile/Library/Shortcuts/` + +--- + +### Delivery Vectors + +* Injected via iCloud Shortcut sync or MobileDevice API +* Stored at `/var/mobile/Library/Shortcuts/` +* Automatically triggered by automation profiles + +--- + +### Live System Proof + +**Tested Environment:** iPhone 14 / iOS 18.6.2 + +**Observed Logs:** + +``` +[BackgroundShortcutRunner] Ignoring entity property '' because it doesn't have a title. +[swcd] SWCERR00401 Bad JSON content -- {"cause":"invalid character '<'"} +[swcd] SWCERR00303 TLS error -- certificate mismatch +Retries: 71 +``` + +**Result:** +Execution persisted despite malformed input. TLS mismatch was tolerated. No user interaction required post-setup. + +--- + +### Artifact Snapshot (swcutil --show) + +``` +Service: webcredentials +App ID: com.apple.PassbookUIService +Domain: wallet.apple.com +Error: SWCERR00401 Bad JSON content -- {"cause":"invalid character '<'"} +Retries: 71 +SWCERR00303 TLS error -- x509: certificate is valid for apple-shield.apple.com, not concierge.apple.com +``` + +--- + +### Root Cause Chain + +| Layer | Fault Description | +| -------------------------- | ------------------------------------------------- | +| Siri Shortcuts Engine | Accepts malformed payloads with null content | +| Workflow Execution Handler | Executes workflows despite parsing errors | +| SWC Fetch Logic (`swcd`) | Retries malformed JSON up to 71 times | +| TLS Certificate Validation | Ignores mismatch and continues execution | +| Sandbox Enforcement | Processes entitlement requests without validation | +| Automation Framework | Allows persistence without runtime validation | + +--- + +### CVSS v4.0 Scoring + +* **Attack Vector:** Local +* **Attack Complexity:** Low +* **Privileges Required:** Low +* **User Interaction:** Required +* **Scope:** Changed +* **Confidentiality:** Low +* **Integrity:** Medium +* **Availability:** High +* **Base Score:** 7.4 (High) +* **Environmental Score:** Up to 8.1 (context-dependent) + +--- + +### Impact Summary + +| Impact Type | Description | +| -------------------- | --------------------------------------------------------- | +| Denial of Service | Retry storms from malformed SWC inputs | +| Background Execution | Persistent execution of workflows at system events | +| Entitlement Bypass | Daemon requests proceed without proper sandbox validation | +| Trust Degradation | TLS mismatches tolerated | +| Persistence | Automations survive reboot and app relaunch | + +--- + +### Suggested Remediations + +| Component | Recommendation | +| --------------------- | ----------------------------------------------------------- | +| Siri Shortcuts Engine | Reject malformed `WFLinkEntityContentItem` inputs | +| SWC Retry Logic | Limit retries to three maximum | +| TLS Trust Chain | Enforce strict pinning; abort on mismatch | +| Automation Framework | Require runtime permissions for network-enabled automations | +| System Logging | Detect anomalous retry patterns (>10 in 60 seconds) | + +--- + +### Reproducibility & Coordination + +The researcher can provide: + +* Full technical report (this document) +* `swcutil` verification steps +* Timestamped system logs (redacted) +* Live trace video (available upon request) + +--- + +### Conclusion + +This vulnerability chain exposes systemic flaws in Siri Shortcuts and Shared Web Credentials. It allows silent background execution, degraded trust enforcement, and persistent post-exploitation workflows in core Apple frameworks. The issue has been reproduced under live, production conditions and should be triaged and remediated as a high-priority issue.