Privilege Escalation via XPC Misconfiguration in CoreCode MacUpdater

Privilege Escalation via XPC Misconfiguration in CoreCode MacUpdater

CVE-2023-41902 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files.

Learn more about our Web Application Penetration Testing UK.