rarebas.blogg.se

Opera extensions vulnerabilities research




Remotely exploitable “inetloc” zero-day vulnerability hits the Mac

An independent researcher has just published details of a “macOS Finder RCE” (remote code execution) vulnerability. The bug effectively allows an attacker to bypass Apple’s File Quarantine and Gatekeeper technologies.

Apple attempted to silently fix the vulnerability in macOS Big Sur, but failed to do so properly. Let’s take a look at what the vulnerability entails, and how an attacker could use it.

What exactly is the “inetloc” vulnerability?

Independent security researcher Park Minchan explains:

“A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user.”

Apple’s Mail app for Mac is not the only method of delivery, however.

This vulnerability allows any program that can attach and execute files (iMessage, MS Office…) to Remote Code Execution

Various types of files in macOS can open a URI. .inetloc files could be used with the file: protocol to launch applications or files on the local system, while bypassing Apple’s File Quarantine and Gatekeeper technologies.

Apple attempted to quietly mitigate this in macOS Big Sur by simply disallowing the file: URI in. The only problem is that Apple’s mitigation can be completely bypassed simply by changing the protocol’s capitalization, for example to FiLe. The beta versions of Apple’s upcoming macOS Monterey are also vulnerable, as confirmed by another researcher, Patrick Wardle. Moreover, yet another researcher, Vladimir Metnew, pointed out that Apple’s mitigation also does not apply to the virtually identical. .fileloc extension will allow the file: protocol (spelled in all lowercase) to work again. .fileloc file, without a need to mangle the file:// protocol in.

Is this zero-day vulnerability being actively exploited in the wild?

The vulnerability is considered a “zero day” because it is public knowledge, and Apple has not yet fixed it. We are not aware of any active use of this vulnerability in the wild at this time. However, it may be used in targeted attack scenarios.

What might a real-world attack scenario look like?

So how exactly could this vulnerability be used in a real-world attack scenario? That’s somewhat more complicated.
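The capitalization bypass and the .fileloc variant described above both come down to how a filter compares the URL scheme. The following is an added example, not code from the original article or from Apple: an attachment check that parses the scheme instead of matching a case-sensitive prefix and treats both file types alike. It assumes these files are property lists with a URL key; the function names, sample file names and placeholder paths are constructed for illustration.

```python
import plistlib
from urllib.parse import urlsplit

# Both location-file types named in the article.
LOCATION_SUFFIXES = (".inetloc", ".fileloc")

def url_from_location_file(data: bytes) -> str:
    """Return the stored URL (assumption: the file is a plist with a 'URL' key)."""
    plist = plistlib.loads(data)
    url = plist.get("URL", "") if isinstance(plist, dict) else ""
    return url if isinstance(url, str) else ""

def naive_is_local(url: str) -> bool:
    """Case-sensitive prefix match: the kind of check a capitalization change gets past."""
    return url.startswith("file:")

def is_local(url: str) -> bool:
    """Compare the parsed scheme; urlsplit lowercases it, so FiLe: and file: are equal."""
    return urlsplit(url.strip()).scheme == "file"

def should_quarantine(filename: str, data: bytes) -> bool:
    """Flag attachments of either location type whose URL points at the local system."""
    if not filename.lower().endswith(LOCATION_SUFFIXES):
        return False
    try:
        return is_local(url_from_location_file(data))
    except Exception:  # unparseable location file: fail closed
        return True

def make_sample(url: str) -> bytes:
    """Build a constructed location-file body for the checks below."""
    return plistlib.dumps({"URL": url})

# Constructed samples; the paths are placeholders, not real targets.
SAMPLES = {
    "link.inetloc": make_sample("https://example.com/"),
    "lower.inetloc": make_sample("file:///placeholder/path"),
    "mixed.inetloc": make_sample("FiLe:///placeholder/path"),
    "other.fileloc": make_sample("file:///placeholder/path"),
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        url = url_from_location_file(body)
        print(name, "naive:", naive_is_local(url), "parsed:", should_quarantine(name, body))
```

Running it shows the naive check missing the mixed-case sample while the parsed-scheme check flags it along with the .fileloc sample.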





