Critical Vulnerability In Apple Game Center Could Allow Authentication Bypass

Researchers discovered a critical vulnerability affecting the Apple Game Center that allowed authentication bypass. The bug typically existed in the Parse Server, exposing it to remote attacks.

Apple Game Center Vulnerability

According to a recent advisory on GitHub, a critical authentication bypass vulnerability existed in the Parse Server, threatening Apple Game Center security.

Specifically, Parse Server is an open-source backend server that users can deploy on any infrastructure running Node.js.

Explaining the impact of this vulnerability, the advisory reads,

The certificate in Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object.

The bug has received the identification number CVE-2022-31083, and a critical severity rating, with a CVSS score of 8.6. It affected Parse Server versions earlier than 4.10.11 and 5.2.2. The bug existed due to the non-validation of the Parse Server Apple Game Center auth adapter. Hence, any adversary could achieve an authentication bypass via fake certificates. As mentioned in the NVD vulnerability description,

Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object.

Nonetheless, versions 4.10.11 and 5.2.2 address this flaw by introducing a new rootCertificateUrl property to the Parse Server Apple Game Center auth adapter. It “takes the URL to the root certificate of Apple’s Game Center authentication certificate”.

So, if developers haven’t set a value for it, the new property defaults to the URL of the existing root certificate. The advisory urges developers to keep the root certificate URL updated when using Parse Server Apple Game Center auth adapter.

For now, while the patch has arrived, no workaround is available for the vulnerability.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil