Mobile Security Framework (MobSF) Partial Denial-of-Service Vulnerability via Malicious iOS Bundle ID Modification

Vulnerability

A partial denial-of-service vulnerability has been identified in Mobile Security Framework (MobSF) versions through 4.3.0. It arises when an attacker manually alters the bundle identifier of an iOS application to include special characters, in violation of Apple's bundle ID guidelines. When the modified application is uploaded to MobSF, MobSF encounters an error while parsing the invalid characters. This error breaks the Scans Results and iOS Dynamic Analyzer pages, which return a 500 error. The only way to restore functionality is to manually remove the offending application from the system.

Impact

Exploitation of this vulnerability causes the Scans Results and iOS Dynamic Analyzer pages to become unavailable, disrupting normal operations.

Reproduction

To reproduce this vulnerability, unzip an IPA file of any iOS application and modify the 'CFBundleIdentifier' value in the 'Info.plist' file by adding restricted characters. After zipping the modified IPA file, upload it to MobSF for analysis. Once the upload is complete, attempt to access the 'Scans Results' and 'iOS Dynamic Analyzer' pages, which will now throw a 500 error.

Remediation

Users are advised to upgrade to MobSF version 4.3.1, where this vulnerability has been patched.
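
A pre-ingestion check for the malformed identifier described above, as an added example (not MobSF's own code and not the 4.3.1 patch): it reads CFBundleIdentifier from the Info.plist under Payload/*.app/ and rejects any value outside the alphanumeric, hyphen and period set that Apple documents for bundle IDs. The function names, the size cap and the in-memory sample IPAs are assumptions made for illustration.

```python
import io
import plistlib
import re
import zipfile

# Apple's documented bundle ID alphabet: A-Z, a-z, 0-9, hyphen and period.
# Empty dot-separated segments ("com..app") are also rejected here.
BUNDLE_ID_RE = re.compile(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*")
# The app's own Info.plist sits directly under Payload/<Name>.app/
APP_PLIST_RE = re.compile(r"Payload/[^/]+\.app/Info\.plist")
MAX_PLIST_BYTES = 1 << 20  # arbitrary cap chosen for this example


def is_valid_bundle_id(value):
    """True only for a non-empty string made of the allowed characters."""
    return isinstance(value, str) and BUNDLE_ID_RE.fullmatch(value) is not None


def check_ipa(ipa_bytes):
    """Return (True, bundle_id) or (False, reason) for an IPA given as bytes."""
    try:
        with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as zf:
            names = [n for n in zf.namelist() if APP_PLIST_RE.fullmatch(n)]
            if len(names) != 1:
                return False, "expected exactly one Payload/*.app/Info.plist"
            if zf.getinfo(names[0]).file_size > MAX_PLIST_BYTES:
                return False, "Info.plist too large"
            info = plistlib.loads(zf.read(names[0]))
    except Exception as exc:  # fail closed on any archive or plist parse error
        return False, f"unreadable IPA: {exc}"
    bundle_id = info.get("CFBundleIdentifier") if isinstance(info, dict) else None
    if not is_valid_bundle_id(bundle_id):
        return False, f"invalid CFBundleIdentifier: {bundle_id!r}"
    return True, bundle_id


def build_sample_ipa(bundle_id):
    """Constructed sample: a minimal in-memory IPA holding only Info.plist."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Payload/Sample.app/Info.plist",
                    plistlib.dumps({"CFBundleIdentifier": bundle_id}))
    return buf.getvalue()


if __name__ == "__main__":
    for bid in ("com.example.app", "com.example.my app!"):  # constructed values
        print(repr(bid), "->", check_ipa(build_sample_ipa(bid)))
```

Running the check before a file reaches the upload endpoint keeps a rejected IPA out of the scan database, so the listing pages never have to render its identifier.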

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.1
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.