This process runs as root on macOS and gives the attacker access to the user’s calendar, address book, and photos. According to Trellix, the discovery of the original vulnerability “opened a huge range of potential vulnerabilities that we are still exploring.” The researchers say the vulnerability could be exploited to gain access to personal information including messages, location data, call history, and photos.Īs the researchers explain, “An attacker with code execution in a process with the proper entitlements, such as Messages or Safari, can send a malicious NSPredicate and execute code with the privileges of this process. In a blog post, Trellix outlined the findings of the Foundation flaw, which include “a large new class of bugs that allow bypassing code signing to execute arbitrary code in the context of several platform applications, leading to escalation of privileges and sandbox escape on both macOS and iOS.” The bug originates from the so-called FORCEDENTRY Sandbox Escape flaw that exploited Apple’s NSPredicate class and was patched in September.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |