medium advisory

Sticky Notes Widget Denial-of-Service Vulnerability (CVE-2021-47973)

Sticky Notes Widget 3.0.6 is vulnerable to a denial-of-service attack (CVE-2021-47973), where an attacker can crash the application on iOS devices by pasting excessively long character strings into note fields.

Sticky Notes Widget 3.0.6 is susceptible to a denial-of-service (DoS) vulnerability identified as CVE-2021-47973. This flaw allows a remote attacker to crash the application on iOS devices. The vulnerability is triggered when the application attempts to process an overly long string pasted into a note field. Specifically, pasting a string consisting of 350,000 repeated characters twice into a new note can reliably induce the crash. This vulnerability poses a threat to application availability, as a malicious actor could exploit it to disrupt the service for legitimate users.

Attack Chain

  1. Attacker identifies a vulnerable instance of Sticky Notes Widget 3.0.6 running on an iOS device.
  2. Attacker crafts a payload consisting of a string of 350,000 repeated characters.
  3. Attacker copies the crafted payload to the device’s clipboard.
  4. Attacker opens the Sticky Notes Widget application.
  5. Attacker creates a new note within the application.
  6. Attacker pastes the payload into the new note’s text field.
  7. Attacker pastes the payload again into the same note’s text field.
  8. The application attempts to process the oversized input, resulting in excessive memory allocation and a subsequent crash, denying service to the user.

Impact

Successful exploitation of CVE-2021-47973 leads to a denial-of-service condition, rendering the Sticky Notes Widget application unusable on the targeted iOS device. This can lead to data loss if a user’s notes are not properly backed up and disrupts productivity for users who rely on the application for note-taking and organization. The number of potential victims is limited to the number of users running the vulnerable version of the application.

Recommendation

  • Monitor application logs for excessively large input strings being processed by the Sticky Notes Widget to identify potential exploitation attempts.
  • Deploy the Sigma rule to detect suspicious process crashes related to the Sticky Notes Widget application.
  • Consider network-level rate limiting to mitigate DoS attacks targeting the application.
  • Since there are no vendor-supplied patches, consider deploying a client-side input validation mechanism.
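One way to implement the client-side input validation the last recommendation suggests, as an added example for this advisory (not the vendor's code): a UITextViewDelegate that refuses any edit which would push a note past a fixed length, so an oversized paste is dropped before the text system does any layout or storage work. It assumes the note field is a UITextView; the 20,000-unit cap and the onRejected callback are hypothetical.

```swift
import UIKit

/// Bounds the length of a note's text so that an oversized paste is refused
/// instead of being handed to the text system in full.
/// Added example, not the vendor's code. The 20,000 cap is a hypothetical value
/// chosen well below the crashing input described above (2 x 350,000 characters).
final class NoteLengthLimiter: NSObject, UITextViewDelegate {
    let maxLength: Int
    /// Hypothetical hook: called with the would-be length when an edit is refused,
    /// so the UI can explain to the user why the paste did nothing.
    var onRejected: ((Int) -> Void)?

    init(maxLength: Int = 20_000) {
        self.maxLength = maxLength
    }

    /// Length (in UTF-16 code units, the unit NSRange uses) that the note would
    /// have if `replacement` were applied over `range` in `current`.
    func resultingLength(current: String, range: NSRange, replacement: String) -> Int {
        // A paste at the caret has range.length == 0; pasting over a selection
        // first removes the selected units, then adds the replacement.
        return current.utf16.count - range.length + replacement.utf16.count
    }

    func textView(_ textView: UITextView,
                  shouldChangeTextIn range: NSRange,
                  replacementText text: String) -> Bool {
        // Deletions are always allowed so the user can shrink a full note.
        if text.isEmpty { return true }
        let newLength = resultingLength(current: textView.text ?? "",
                                        range: range,
                                        replacement: text)
        if newLength > maxLength {
            onRejected?(newLength)
            return false // edit dropped; the view's text is never changed
        }
        return true
    }
}

// Wiring inside a view controller (part of this added example):
//   let limiter = NoteLengthLimiter()
//   limiter.onRejected = { _ in /* show a "note too long" hint */ }
//   noteTextView.delegate = limiter   // keep a strong reference to `limiter`
```

Because the check runs in the delegate before UIKit mutates the text, a second paste into an already-full note is refused the same way as the first; the limit applies to the note's total length, not to each paste individually.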

Detection coverage (1)

Detect Sticky Notes Widget Crash

medium

Detects CVE-2021-47973 — Sticky Notes Widget crashing due to excessive memory allocation.

Format: Sigma. Tactics: availability. Techniques: T1499.001. Log sources: process_creation, windows.
