"PoC Code Published for High-Severity macOS Sandbox Escape Vulnerability"

Security researchers at Trend Micro's Zero Day Initiative (ZDI) have published details and proof-of-concept (PoC) code for a macOS vulnerability that could be exploited to escape a sandbox and execute code within Terminal.  Tracked as CVE-2022-26696 (CVSS score of 7.8), the security defect was identified and reported last year, with a patch available since the release of macOS Monterey 12.4 in May.  Apple, in an advisory, noted that the flaw allowed a sandboxed process to circumvent sandbox restrictions and that improved environment sanitization resolved the issue.  Successful exploitation of the vulnerability would require for the attacker to be able to execute low-privileged code on the target system.  The researchers noted that the specific flaw exists within the handling of XPC messages in the LaunchServices component.  A crafted message can trigger the execution of a privileged operation.  The researchers stated that an attacker able to exploit this vulnerability could "escalate privileges and execute arbitrary code in the context of the current user."

SecurityWeek reports: "PoC Code Published for High-Severity macOS Sandbox Escape Vulnerability"