by @Hored1971
29 Aug 2023

CVE-2023-26818 (Sandbox): MacOS TCC Bypass W/ telegram using DyLib Injection (Part 2)

by @Hored1971
29 Aug 2023

CVE-2023-26818 (Sandbox): MacOS TCC Bypass W/ telegram using DyLib Injection (Part 2)

CVEs

5.5 Medium Severity

Apps

Telegram
TelegramTelegram
10.15.2.0.*
11.1.5.0.*
4.16.6.0.*
4.16.4.0.*
11.1.8.0.*
24046.2809.2757.3796.*
24.045.0303.0003.*
24.040.0225.0003.*
1.7.00.6058.*
16001.14326.21828.0.*

Screenshots from the blog posts

images/cllu5qweb68631hoh6isz7uax.pngimages/cllu5qweb68631hoh6isz7uax.png

Summary

In 2nd part of the analysis for CVE-2023-26818, We discussing the app sandboxing in MacOS and show how to bypass it. To exploit the vulnerability.

Description

users/photos/clp1t8yez9ki21jlp8bw0ezvd.png

@Hored1971

129 posts

Security Researcher | Playing around the core of the 7 layers to build the Zero-Day Empire.

Total vcoins

191.3K

Badges

badges/images/cl1xi65zx02el0jms239bekpv.png

Malware Researcher

Social media links

Comments (0)