Windows/Mac program security audit

The project goal was to ensure the security of the complex application, which included Windows/MacOS frontends and Azure-based backend. The threat vectors included attacks on the client (e.g. if the software introduces weakness to the client OS) and system back-end security. The only access to the binaries and test accounts was provided.

During the project, the following vulnerabilities were identified:

Remote code execution on the client through the out-of-date library
Weak filesystem/registry permissions on the client installation
Hardcoded API keys to some back-end components in the client installation
Denial of service on the backend infrastructure through XML bombs

Similar cases

Mobile application security audit

Azure tenant security

This website uses cookies to give you the best experience. Terms & Conditions