This vulnerability allows local malicious users to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of directory paths. The code is subject to a time-of-check/time-of-use race condition when performing path validation. An attacker can leverage this vulnerability to escalate privileges from low integrity and execute code in the context of root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
||
apple mac os x 10.15.7 |
||
apple macos |
||
apple watchos |
||
apple iphone os |
||
apple ipados |
||
apple tvos |