32 matches found
CVE-2026-26224
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
CVE-2026-26225
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
CVE-2026-26225
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
CVE-2026-26224
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
CVE-2026-26224 Intego Log Reporter TOCTOU Local Privilege Escalation
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
CVE-2026-26224 Intego Log Reporter TOCTOU Local Privilege Escalation
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
CVE-2026-26224
The CVE-2026-26224 affects Intego Log Reporter (macOS). A root-run diagnostic script creates/writes files in /tmp without secure directory handling, enabling a TOCTOU/symlink-based race that lets a local unprivileged user perform arbitrary writes to privileged system locations, causing privilege ...
CVE-2026-26224
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
CVE-2026-26225 Intego Personal Backup Task File Privilege Escalation
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
CVE-2026-26225 Intego Personal Backup Task File Privilege Escalation
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
CVE-2026-26225
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
PT-2026-7915
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
Intego Log Reporter 安全漏洞
Intego Log Reporter is a log collection and analysis tool developed by Intego. There is a security vulnerability in Intego Log Reporter. This vulnerability stems from diagnostic scripts executed with root privileges, which fail to enforce secure directory handling when creating and writing files ...
PT-2026-7916
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
Intego Personal Backup 后置链接漏洞
Intego Personal Backup is a backup tool developed by the Intego company. Intego Personal Backup has a post-installation vulnerability that stems from the fact that backup task definitions are stored in a location that can be written to by non-privileged users. However, these tasks are processed...
EUVD-2001-1146
Malware in sbrugna...
Shlayer Mac Malware Returns with Extra Sneakiness
A fresh variant of the Shlayer Mac OSX malware with advanced stealth capabilities has been spotted in the wild, actively using poisoned Google search results in order to find its victims. According to researchers at Intego, the malware, like many malware samples before it, is purporting to be an...
Threat Analysis Unit (TAU) Threat Intelligence Notification: CrescentCore (macOS)
In June of 2019, researchers at Intego discovered a new Trojan for macOS systems which they named CrescentCore. Much like Shlayer and other common malware targeting macOS systems, CrescentCore is often delivered via a fake Adobe Flash Player installer or updater. This malware employs multiple...
New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month. Intego team last week discovered four samples of new macOS...
intego.com XSS vulnerability
Vulnerable URL: https://www.intego.com/mac-security-blog/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...