Named pasteboards enable developers to share data with other parts of an application or with other applications that have the same team ID. Configuring named pasteboards as persistent is a deprecated feature that can lead to sensitive data exposure. When a pasteboard is marked persistent, data stored in the pasteboard can be saved unencrypted to local storage, and it persists across application and device restarts.
Example 1: In the following example, a named pasteboard is created and configured as persistent by invoking setPersistent:YES.

  ...
  UIPasteboard *pasteboard = [UIPasteboard pasteboardWithName:@"myPasteboard" create:YES];
  [pasteboard setPersistent:YES];
  ...

Granting full anonymous access to a bucket or object allows attackers to read the content or replace it with malicious content.

Example 1: The following code sets an Access Control Policy that grants full anonymous access to the foo bucket.

    GetBucketAclRequest bucketAclReq = GetBucketAclRequest.builder().bucket("foo").build();
    GetBucketAclResponse getAclRes = s3.getBucketAcl(bucketAclReq);
    List<Grant> grants = getAclRes.grants();

    Grantee allusers = Grantee.builder().uri("http://acs.amazonaws.com/groups/global/AllUsers").build();
    Permission fc_permission = Permission.fromValue("FullControl");
    Grant grant = Grant.builder().grantee(allusers).permission(fc_permission).build();
    grants.add(grant);

    AccessControlPolicy acl = AccessControlPolicy.builder().grants(grants).build();

Granting anonymous permission to read a bucket or object Access Control Policy (ACP) allows attackers to discover which objects can be retrieved or overwritten.

Example 1: The following code sets an Access Control Policy that grants anonymous read ACP access to the foo bucket.

    GetBucketAclRequest bucketAclReq = GetBucketAclRequest.builder().bucket("foo").build();
    GetBucketAclResponse getAclRes = s3.getBucketAcl(bucketAclReq);
    List<Grant> grants = getAclRes.grants();

    Grantee allusers = Grantee.builder().uri("http://acs.amazonaws.com/groups/global/AllUsers").build();
    Permission fc_permission = Permission.fromValue("READ_ACP");
    Grant grant = Grant.builder().grantee(allusers).permission(fc_permission).build();
    grants.add(grant);

    AccessControlPolicy acl = AccessControlPolicy.builder().grants(grants).build();

Granting read anonymous access to a bucket or object will allow attackers to read its contents.

Example 1: The following code sets an Access Control Policy that grants anonymous read access to the foo bucket.

    GetBucketAclRequest bucketAclReq = GetBucketAclRequest.builder().bucket("foo").build();
    GetBucketAclResponse getAclRes = s3.getBucketAcl(bucketAclReq);
    List<Grant> grants = getAclRes.grants();

    Grantee allusers = Grantee.builder().uri("http://acs.amazonaws.com/groups/global/AllUsers").build();
    Permission fc_permission = Permission.fromValue("Read");
    Grant grant = Grant.builder().grantee(allusers).permission(fc_permission).build();
    grants.add(grant);

    AccessControlPolicy acl = AccessControlPolicy.builder().grants(grants).build();

Granting anonymous permission to write a bucket or object Access Control Policy (ACP) allows attackers to read or write any content to that bucket.

Example 1: The following code sets an Access Control Policy that grants anonymous write ACP access to the foo bucket.

    GetBucketAclRequest bucketAclReq = GetBucketAclRequest.builder().bucket("foo").build();
    GetBucketAclResponse getAclRes = s3.getBucketAcl(bucketAclReq);
    List<Grant> grants = getAclRes.grants();

    Grantee allusers = Grantee.builder().uri("http://acs.amazonaws.com/groups/global/AllUsers").build();
    Permission fc_permission = Permission.fromValue("WRITE_ACP");
    Grant grant = Grant.builder().grantee(allusers).permission(fc_permission).build();
    grants.add(grant);

    AccessControlPolicy acl = AccessControlPolicy.builder().grants(grants).build();

Granting anonymous write access to a bucket or object allows attackers to replace the content or upload malicious content.

Example 1: The following code sets an Access Control Policy that grants anonymous write access to the foo bucket.

    GetBucketAclRequest bucketAclReq = GetBucketAclRequest.builder().bucket("foo").build();
    GetBucketAclResponse getAclRes = s3.getBucketAcl(bucketAclReq);
    List<Grant> grants = getAclRes.grants();

    Grantee allusers = Grantee.builder().uri("http://acs.amazonaws.com/groups/global/AllUsers").build();
    Permission fc_permission = Permission.fromValue("Write");
    Grant grant = Grant.builder().grantee(allusers).permission(fc_permission).build();
    grants.add(grant);

    AccessControlPolicy acl = AccessControlPolicy.builder().grants(grants).build();

The identified function writes data to the general pasteboard without excluding it from Universal Clipboard synchronization across devices via Handoff.

Content written to the general pasteboard is persistently stored across device restarts, app uninstalls, and app restores. Using the general pasteboard with the Universal Clipboard feature enabled increases the risk of stolen or modified pasteboard data as part of a Clipboard Hijacking attack by a malicious application running on another device.

Furthermore, because Universal Clipboard is compatible with devices running either iOS 10 and later or macOS Sierra and later, an increased threat is introduced by compatible devices running an older operating system that does not contain more recent privacy and security updates aimed to protect unauthorized clipboard access.

Example 1: In the following code, data is written to the general pasteboard setting the items property that shares pasteboard content between the user's devices by default via Universal Clipboard.

...
UIPasteboard *pasteboard = [UIPasteboard generalPasteboard];
NSDictionary *items = @{
    UTTypePlainText : sensitiveDataString,
    UTTypePNG : [UIImage imageWithData:medicalImageData]
};
[pasteboard setItems: @[items]];
...

Example 2: In the following code, data is written to the general pasteboard by calling the setObjects:localOnly:expirationDate: method with Universal Clipboard behavior explicitly enabled by setting the localOnly parameter to NO.

...
UIPasteboard *pasteboard = [UIPasteboard generalPasteboard];
[pasteboard setObjects:@[sensitiveDataString, [UIImage imageWithData:medicalImageData]] 
            localOnly:NO 
            expirationDate:[NSDate distantFuture]];
...