tags:macostoctoulpe original link: CVE-2023-42942: xpcroleaccountd Root Privilege Escalation newsletter link: exploits.club Weekly Newsletter 11
Exploits Club Summary:
@patch1t released a write-up for an PrivEsc he found and reported to Apple last month. The TOCTOU bug was able to be exploited with a symbolic link. The symbolic link initially points at a legitimate Apple-signed XPC bundle, but is swapped out after the signature verification.