3 matches found
CVE-2024-23746
Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents...
CVE-2024-23746
Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents...
CVE-2024-23746
CVE-2024-23746 (Miro Desktop 0.8.18 on macOS) : Local Electron code injection is possible through a multi-step bypass of kTCCServiceSystemPolicyAppBundles (including a file copy, app.app/Contents rename, an asar modification, then a final rename). This is described across multiple sources as enab...