CVE-2024-23746

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23746
Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents).

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://book.hacktricks.xyz/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection Exploit Third Party Advisory
https://github.com/louiselalanne/CVE-2024-23746 Exploit Third Party Advisory
https://miro.com/about/ Product
https://www.electronjs.org/blog/statement-run-as-node-cves
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:miro:miro:0.8.18:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
History

21 Mar 2024, 02:52

Type Values Removed Values Added
Summary (en) Miro Desktop 0.8.18 on macOS allows code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents). (en) Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents).

08 Mar 2024, 05:15

Type Values Removed Values Added
Summary (en) Miro Desktop 0.8.18 on macOS allows Electron code injection. (en) Miro Desktop 0.8.18 on macOS allows code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents).
References
  • () https://www.electronjs.org/blog/statement-run-as-node-cves -

10 Feb 2024, 04:09

Type Values Removed Values Added
CWE CWE-94
References () https://book.hacktricks.xyz/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection - () https://book.hacktricks.xyz/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection - Exploit, Third Party Advisory
References () https://github.com/louiselalanne/CVE-2024-23746 - () https://github.com/louiselalanne/CVE-2024-23746 - Exploit, Third Party Advisory
References () https://miro.com/about/ - () https://miro.com/about/ - Product
CPE cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:a:miro:miro:0.8.18:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
First Time Apple
Apple macos
Miro miro
Miro
Summary
  • (es) Miro Desktop 0.8.18 en macOS permite la inyección de código Electron.

02 Feb 2024, 02:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-02 02:15

Updated : 2024-03-21 02:52

NVD link : CVE-2024-23746

Mitre link : CVE-2024-23746

CVE.ORG link : CVE-2024-23746

JSON object : View

Products Affected

miro

  • miro

apple

  • macos
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')