CVE-2023-41902

CVE-2023-41902

EPSS 0.2%

An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gist.github.com/NSEcho/5d048a0796ceef59d6b1df1659bd1057 https://www.corecode.io/macupdater/history2.html https://www.corecode.io/macupdater/history3.html