Arbitrary Code Execution Vulnerability in TD Bank TD Advanced Dashboard Client for macOS

Arbitrary Code Execution Vulnerability in TD Bank TD Advanced Dashboard Client for macOS

CVE-2023-50975 · Severity

The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution because of the lack of electron::fuses::IsRunAsNodeEnabled (i.e., ELECTRON_RUN_AS_NODE can be used in production). This makes it easier for a compromised process to access banking information.

Learn more about our Cis Benchmark Audit For Apple Macos.