Vulnerability in Google Pixel's screenshot editing function, risk of personal information leakage

It has become clear that there is a vulnerability in the `` markup '' of the screenshot editing function that can be used in the Google genuine smartphone Pixel series, which can trace back the edited contents. Although this vulnerability has already been fixed in the latest update, there is still a risk of information leakage from screenshots edited before the update.

Pixel Markup vulnerability allows screenshots to be un-redacted

Google Pixel 'aCropalypse' exploit reverses edited parts of screenshots - The Verge

It was revealed in 2023 that there was a vulnerability in markup, a screenshot editing function that is standard in the Pixel series, that could restore the screenshot to its original, unedited state. It was early in the month. According to Simon Aarons , the engineer who discovered the vulnerability, the vulnerability is called 'aCropalypse' ( CVE-2023-21036 ) and is fixed in Android 13 QPR, the latest update for Android.

Markup was installed from Android 9 released in 2018. Pixel users can use markup to edit screenshots, add text, add highlights, and more.

For example, take a screenshot containing credit card information displayed in a wallet app, etc., edit it by blacking out the card number part to hide personal information, and share it on SNS. By exploiting the markup vulnerability, it is possible to restore this edited screenshot to its pre-edited state. If screenshots containing personal information are edited with markup and then shared, it is possible to restore the information by exploiting the vulnerability, which may lead to the leakage of personal information.

According to Aarons, who discovered aCropalypse, if you exploit the vulnerability and restore the edited screenshot with markup, about 20% of the image will be damaged, but the remaining 80% will be completely restored. It seems that you can.

However, Aarons points out that most social media will reprocess the uploaded images, making it difficult to restore the data at this time. For example, it seems that it will be difficult to restore data due to reprocessing of images on Twitter etc.

The following images are 'screenshots' (image 1) 'editing with markup' (image 2) 'screenshots after editing' (image 3) 'screenshots that failed to restore because they were reprocessed by Twitter, etc.' ( image 4).

Discord will also reprocess images after January 17, 2023. However, Aarons warns that caution is required because screenshots uploaded before that have not been reprocessed and can be restored.

Aarons has published a web application that allows you to check whether you can actually restore screenshots edited with markup, so whether images you have uploaded in the past will be affected by aCropalypse If you want to check it out, try the app below.


The reason you can restore an image edited with markup is that the edited version of the image is saved in the same location as the original file. When you edit the image and write a new file (lower row, green part), the original file is not deleted but remains at the end (lower row, blue part). The upper part of the image below is the original screenshot, and the lower part is the image edited with markup.

in Mobile,   Software,   Security, Posted by logu_ii