Vulnerabilities

CVE-2020-27192

by Fred · 16/11/2020

BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift’s helper tool.

Date published : 2020-11-16

Forklift <=3.3.9 and <=3.4 Local Privilege Escalations on macOS (CVE-2020-15349/CVE-2020-27192)

Similar

Tags: Cybersecurity Alert