Unpatched SQLite Database exposed data to hackers

December 12, 2019
sqlite magellan vulnerability bug hacking

Cybersecurity scientists have found a basic weakpoint in the broadly utilized SQLite database programming that uncovered billions of deployments to cyber criminals.

Named as ‘Magellan’ by security researchers, the newfound SQLite imperfection could enable remote assailants to execute self-assertive or malignant code on influenced gadgets, spill program memory or crash applications.

SQLite is a lightweight, generally utilized circle based social database the executives framework that requires negligible help from working frameworks or outer libraries, and subsequently perfect with pretty much every gadget, stage, and programming dialect.

SQLite is the most broadly sent database motor on the planet today, which is being utilized by a great many applications with truly billions of arrangements, including IoT gadgets, macOS and Windows applications, including significant internet browsers, for example, Adobe programming, Skype and that’s just the beginning.

Since Chromium-based internet browsers—including Google Chrome, Opera, Vivaldi, and Brave—additionally bolster SQLite through the deplored Web SQL database API, a remote assailant can without much of a stretch target clients of influenced programs just by persuading them into visiting a uniquely created website page.

SQLite has discharged the patch version 3.26.0 of its product to address the issue in the wake of getting capable exposure from the scientists.

Google has likewise discharged Chromium adaptation 71.0.3578.80 to fix the issue and pushed the fixed variant to the most recent rendition of Google Chrome and Brave internet browsers.

Security specialists said they effectively manufacture a proof-of-concept abuse utilizing the Magellan weakpoint and effectively tried their adventure against Google Home.


Since most applications can’t be fixed whenever sooner, scientists have chosen not to reveal specialized technical information and proof-of-concept to the public in general. To have your updated online website scanners and anti-malware tools would be a good idea prior the upcoming update.


Since SQLite is utilized by everyone including Adobe, Apple, Dropbox, Firefox, Android, Chrome, Microsoft and a pack of other programming, the Magellan weakness is an essential issue, regardless of whether it’s not yet been misused in nature.

The software’s users and delegated admins are very much prescribed to refresh their systems and affected software versions to the most recent update once it becomes available. Of course, to ensure overall safety, update all malware detection and prevention systems, antivirus and anti-malware tools and other internet security programs.

About the author

Leave a Reply