Privilege Escalation via XPC Misconfiguration in CoreCode MacUpdater
CVE-2023-41902 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files.
Learn more about our Web Application Penetration Testing UK.