Security News Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
May 4, 2019
825
Content source
https://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b
I found a zero-click vulnerability in macOS Calendar, which allows an attacker to add or delete arbitrary files inside the Calendar sandbox environment. This could lead to many bad things including malicious code execution which can be combined with security protection evasion with Photos to compromise users’ sensitive Photos iCloud Photos data. Apple has fixed all of the vulnerabilities between October 2022 and September 2023.
Click to expand...
 
  • Like
Reactions: Gandalf_The_Grey and simmerskool

Similar threads

lokamoka820
    • Like
    • +Reputation
Security News Google Patches Another Zero-Day Vulnerability in Chrome
Replies
6
Views
1,848
Security News
lokamoka820
lokamoka820
Gandalf_The_Grey
    • Like
    • +Reputation
Security News December Android updates fix critical zero-click RCE flaw
Replies
0
Views
1,618
Security News
Gandalf_The_Grey
Gandalf_The_Grey
enaph
    • +Reputation
    • Like
Security News Apple Safari Flaw “HM Surf” Allows Unauthorized Data Access on macOS
Replies
0
Views
1,322
Security News
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top