Lucene search
Eloi Benoist-Vanderbeken (@elvanderb) from Synacktiv (@Synacktiv)ZDI-23-845HistoryJun 08, 2023 - 12:00 a.m.
(Pwn2Own) Apple macOS /dev/fd Race Condition Local Privilege Escalation Vulnerability
2023-06-0800:00:00
Eloi Benoist-Vanderbeken (@elvanderb) from Synacktiv (@Synacktiv)
www.zerodayinitiative.com
26
vulnerability
privilege escalation
macos
race condition
/dev/fd
filesystem
0.001 Low
EPSS
Percentile
29.7%
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the /dev/fd filesystem. The issue results from the lack of proper locking when performing operations on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.
References
Related
nvd
nvd
CVE-2023-32413
2023-06-23 18:15:13
cve
cve
CVE-2023-32413
2023-06-23 18:15:13
prion
prion
Race condition
2023-06-23 18:15:00
cvelist
cvelist
CVE-2023-32413
2023-06-23 00:00:00
nessus
nessus
Apple iOS < 16.5 Multiple Vulnerabilities (HT213757)
2023-05-23 00:00:00
macOS 11.x < 11.7.7 Multiple Vulnerabilities (HT213760)
2023-05-18 00:00:00
macOS 12.x < 12.6.6 Multiple Vulnerabilities (HT213759)
2023-05-18 00:00:00
apple
apple
About the security content of iOS 15.7.6 and iPadOS 15.7.6
2023-05-18 00:00:00
About the security content of macOS Big Sur 11.7.7
2023-05-18 00:00:00
About the security content of macOS Monterey 12.6.6
2023-05-18 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213760)
2023-05-22 00:00:00
Apple Mac OS X Security Update (HT213759)
2023-05-22 00:00:00
Apple Mac OS X Security Update (HT213758)
2023-05-22 00:00:00