Описание
An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
Уязвимые конфигурации
Конфигурация 1Версия до 3.10 (включая)
cpe:2.3:a:shirt-pocket:superduper\!:*:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00014
Низкий
7.8 High
CVSS3
8.4 High
CVSS3
Дефекты
CWE-276
CWE-284
Связанные уязвимости
CVSS3: 7.8
github
2 месяца назад
An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
EPSS
Процентиль: 2%
0.00014
Низкий
7.8 High
CVSS3
8.4 High
CVSS3
Дефекты
CWE-276
CWE-284