Privilege Escalation Vulnerability in BinaryNights ForkLift 3.4

Privilege Escalation Vulnerability in BinaryNights ForkLift 3.4

CVE-2020-27192 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool.

Learn more about our Web Application Penetration Testing UK.