VU#757109: Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

Opsfolio Community
August 28, 2023, 4 weeks ago
22

Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems. Description Every five hours the Videostream LaunchDaemon runs with root privileges to check for updates. During the download, it's possible to replace the update file as any user with a crafted tar archive. The LaunchDaemon process will extract the archive...

Source: https://kb.cert.org/vuls/id/757109

VU#757109: Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

VU#757109: Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

Subscribe To Our Newsletter!

Popular Posts

What A Cybersecurity Degree Teach You About Protecting Businesses Against Threats

Steps to creating a healthcare app

Cybersecurity Tips For Freelance Healthcare Workers

How to Create a Secure Healthcare Website?

How to keep your child safe from infections when you are not at home?

POPULAR Media

Ransomware Payouts Are On The Rise

Defense Against Socially Engineered Attacks

Address Ransomware With Multiple Layered Security

Hitrust – Streamlining the Compliance Process