PT-2020-16834 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 Description: A path handling issue was addressed with improved validation, allowing a remote attacker to potentially modify the file system. Recommendations: For versions prior to 11.0.1, update to macOS Big Sur...

CVE-2018-4433

CVE-2018-4433 describes a configuration issue that could allow a malicious application to modify protected parts of the file system. The entry is fixed by Apple in macOS Mojave 10.14.4 and Security Update 2019-002 for High Sierra and Sierra, as well as in watchOS 5, iOS 12, and tvOS 12. Public re...

The vulnerability of the update service for microprogramming software of Cisco TelePresence Collaboration Endpoint Software and the Cisco RoomOS operating system allows a hacker to modify the file system, trigger a service failure, or gain privileged access to the root file system.

The vulnerability of the software update service for Cisco TelePresence Collaboration Endpoint Software and the operating system Cisco RoomOS exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability can allow...

CVE-2020-9820

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5. A remote attacker may be able to modify the file system...

Design/Logic Flaw

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5. A remote attacker may be able to modify the file system...

Authentication flaw

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to modify protected parts of the file system...

CVE-2020-9851

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to modify protected parts of the file system...

CVE-2019-8568

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system...

Input validation

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system...

CleanMyMac X Elevation of Privilege Vulnerability

MacPaw CleanMyMac X is a cleaning tool dedicated to the macOS platform from MacPaw USA. The product is capable of removing junk files, history cache, logs, etc. from your computer. An input validation vulnerability exists in CleanMyMac X version 4.20, which stems from the program's inability to...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X, version 4.20, due to improper updating. The application failed to remove the vulnerable components upon upgrading to the latest version, leaving the user open to attack. A user with local access can use...

CleanMyMac X incomplete update patch privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X, version 4.20, due to improper updating. The application failed to remove the vulnerable components upon upgrading to the latest version, leaving the user open to attack. A user with local access c...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software improperly validates inputs. An attacker with local access could use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful exploit...

Privilege escalation

The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access can use this vulnerability to modify the file system as root...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

CVE-2018-4034

The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...

CVE-2018-4035

The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...