3 matches found
CVE-2022-3421
An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...
CVE-2022-3421 Privilege escalation in Google Drive for Desktop on MacOS
An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...
CVE-2022-3421
CVE-2022-3421 (Google Drive for Desktop on macOS) is a privilege-escalation vulnerability affecting versions prior to 64.0. An attacker can pre-create the directory /Applications/Google Drive.app/Contents/MacOS, which should be root-owned. On first install, the installer places a binary in that d...