macOS WorkflowKit Race Vulnerability Allows Malicious Apps to Intercept Shortcuts
gbhackersA race condition vulnerability in Apple’s WorkflowKit has been identified, allowing malicious applications to intercept and manipulate shortcuts on macOS systems.
This vulnerability, cataloged as CVE-2024-27821, affects the shortcut extraction and generation processes within the WorkflowKit framework, which is integral to the Shortcuts app on macOS Sonoma.
macOS WorkflowKit Race Vulnerability
The vulnerability arises from a race condition in the method responsible for extracting signed shortcut files. The method -[WFShortcutPackageFile preformShortcutDataExtractionWithCompletion:] contains a flaw that can be exploited by malicious apps.
Maximizing Cybersecurity ROI: Expert Tips for SME & MSP Leaders – Attend Free Webinar
These apps can intercept shortcut files during the import process, bypassing the need for a valid signature check. The exploitation involves modifying the extracted files before they are finalized, allowing an attacker to inject malicious code into shortcuts without user consent.
Moreover, another race condition was discovered in the method generateSignedShortcutFileRepresentationWithPrivateKey:signingContext:error.
This flaw ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE