Moroccan security researcher Souhail Hammou has identified a cookie handling vulnerability in Twitter, which, in certain conditions, could be exploited to gain access to user accounts.
“Twitter official website is prone to a cookie handling vulnerability caused by persistent cookies. This means that the cookie used for an authenticated session is still available even after the session has been terminated. So, keeping the cookie active even if the user ‘logged out’ and closed the session is dangerous,” the researcher noted.
He has reported his findings to Twitter, but the company hasn’t addressed the issue yet.
Twitter representatives have told Hammou that they have been aware of this bug for some time and are looking into remediating it. However, they call it a “difficult problem.”
In the meantime, they argue that an attacker can only gain access to the cookies in question if he/she manages to compromise the victim’s computer.
On the other hand, in his advisory, the expert explains that cybercriminals have at least three ways in which they can steal the auth_token cookie: by being on the same network as the victim, with the use of malware, and by physically accessing the machine.
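The persistent-cookie behaviour the researcher describes, as an added example that is not Twitter's code and not part of the advisory: a simplified server-side session model showing that a logout which only clears the browser cookie leaves a previously copied auth_token valid, while a logout that also deletes the server-side record does not. The `SessionStore` class, its method names and the sample user are hypothetical.

```python
import secrets

# Header that tells the browser to discard its copy of the cookie.
CLEAR_COOKIE = {"Set-Cookie": "auth_token=; Max-Age=0; Path=/; Secure; HttpOnly"}


class SessionStore:
    """Hypothetical server-side session table: auth_token value -> user name."""

    def __init__(self):
        self._active = {}

    def login(self, user):
        token = secrets.token_hex(20)  # random value sent to the browser as auth_token
        self._active[token] = user
        return token

    def authenticate(self, token):
        """Return the user for a presented auth_token, or None if it is not valid."""
        return self._active.get(token)

    def logout_client_only(self, token):
        """Flawed logout: the browser drops the cookie, but the server-side
        record survives, so any other copy of the value is still accepted."""
        return CLEAR_COOKIE

    def logout_revoking(self, token):
        """Hardened logout: delete the server-side record, then clear the cookie."""
        self._active.pop(token, None)
        return CLEAR_COOKIE


def replay_after_logout(logout_name):
    """Log in, keep a copy of the cookie value, log out, present the copy again.
    Returns the user the server still accepts, or None if the token was revoked."""
    store = SessionStore()
    token = store.login("alice")        # constructed sample user
    saved_copy = token                  # a copy of the value held outside the browser
    getattr(store, logout_name)(token)
    return store.authenticate(saved_copy)


if __name__ == "__main__":
    print("client-only logout:", replay_after_logout("logout_client_only"))
    print("revoking logout   :", replay_after_logout("logout_revoking"))
```

The same replay check works as a regression test for a logout endpoint: a token captured before logout must be rejected afterwards.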