We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. This product is not affiliated with the company Adobe.
Es wurde eine Schwachstelle in X1a0He Adobe Downloader bis 1.3.1 für macOS gefunden. Sie wurde als kritisch eingestuft. Hiervon betroffen ist die Funktion shouldAcceptNewConnection der Datei com.x1a0he.macOS.Adobe-Downloader.helper der Komponente XPC Service. Durch das Manipulieren mit unbekannten Daten kann eine improper privilege management-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung.
Incorrect Privilege Assignment
2024-12-19: | Advisory disclosed |
2024-12-19: | VulDB entry created |
2024-12-19: | VulDB entry last update |
winslow1984 (VulDB User)
vuldb.com/?id.288966 (VDB-288966 | X1a0He Adobe Downloader XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection privileges management)
vuldb.com/?ctiid.288966 (VDB-288966 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.464685 (Submit #464685 | https://github.com/X1a0He Adobe-Downloader <= 1.3.1 Local Privilege Escalation)
winslow1984.com/...downloader-131-local-privilege-escalation
Support options