Lucene search
@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_GatechZDI-20-681HistoryMay 28, 2020 - 12:00 a.m.
(Pwn2Own) Apple macOS cfprefsd Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
2020-05-2800:00:00
@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech
www.zerodayinitiative.com
75
EPSS
0.002
Percentile
56.6%
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file permisions. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the root.
References
Related
metasploit
metasploit
macOS cfprefsd Arbitrary File Write Local Privilege Escalation
2020-08-18 07:56:01
prion
prion
Race condition
2020-06-09 17:15:00
packetstorm
packetstorm
macOS cfprefsd Arbitrary File Write / Local Privilege Escalation
2020-09-07 00:00:00
cvelist
cvelist
CVE-2020-9839
2020-06-09 16:16:12
cve
cve
CVE-2020-9839
2020-06-09 17:15:14
nvd
nvd
CVE-2020-9839
2020-06-09 17:15:14
zdt
zdt
macOS cfprefsd Arbitrary File Write / Local Privilege Escalation Exploit
2020-09-07 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT211170)-04
2020-05-27 00:00:00
apple
apple
About the security content of watchOS 6.2.5
2020-05-18 00:00:00
About the security content of tvOS 13.4.5
2020-05-20 00:00:00
About the security content of watchOS 6.2.5 - Apple Support
2020-09-21 04:34:00
nessus
nessus