InfoSecBulletin Cybersecurity for mankind
“A critical vulnerability has been identified in the Google Authentication mechanism of the application. By manipulating the ID and email parameters in the authentication request, an attacker can obtain an access token for any user. This allows the attacker to take over any account without any user interaction, leading to a complete compromise of the victim’s account.”
What is the Single Sign-On (SSO):
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
VPN Surge 1500% in USA after TikTok Shut Down
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology
Using Single Sign-On (SSO) with Google Cloud is a smart choice for organizations. It improves security and makes user authentication easier. SSO centralizes authentication through a trusted Identity Provider (IdP), reducing risks. It also makes it easier for IT teams to manage user access and enforce security policies, including multi-factor authentication (MFA).
To transition smoothly to SSO, organizations should follow these steps: select a compatible IdP, configure settings, and thoroughly test the setup. SSO offers several benefits: improved security, better user experience, simplified administration, and compliance with regulatory standards.
Proof of Concept (PoC):
1-Login with Google:
2-Intercept the OAuth Request:
3-Modify the Request:
Change the id field to any ID.
NOTE In changing the ID, you can try any number because it does not verify whether this number is correct or not, but it verifies whether the ID existed before or not, so you can enter anything, for example
“id”:”1″ or “id”:”123456”…. etc
Change the email field to the victim’s email address.
4- now Gain Access to Victim’s Account:
Conclusion
This situation shows how a vulnerability can be used to take over accounts without any action from the user. It is important to fix this problem quickly to protect user data and the reputation of Example.com.
This article is first published in medium.com written by Elcapitano. He can be reach on X Elcapitano.
