The flaw consisted of missing inter-process validations, which could have allowed an attacker to hijack the 1Password browser extension or command-line interface.
Password manager 1Password patched a flaw in the Mac version of its software that could have allowed an attacker to steal vault data, according to a disclosure made on Aug. 6. The vulnerability could only be exploited if the attacker tricked the user into installing malware. Some crypto users rely on 1Password to store backup copies of wallet seed words, private keys or exchange passwords.
According to the disclosure, the vulnerability could have allowed an attacker “to misuse missing macOS specific inter-process validations to hijack or impersonate a trusted 1Password integration such as the 1Password browser extension or CLI [command line interface],” which would have allowed the attacker “to exfiltrate vault items.”
The vulnerability was discovered by the Robinhood Red Team. It was patched in version 8.10.36, and 1Password is encouraging users to upgrade to the latest version to protect themselves from this attack vector.