Pearcleaner's unauthenticated access to privileged XPC helper allows root command execution

Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper tool bundled with the Pearcleaner application. It is registered and activated only after the user approves a system prompt to allow privileged operations. Upon approval, the helper is configured as a LaunchDaemon and runs with root privileges. In versions 4.4.0 through 4.5.1, the helper registers an XPC service (com.alienator88.Pearcleaner.PearcleanerHelper) and accepts unauthenticated connections from any local process. It exposes a method that executes arbitrary shell commands. This allows any local unprivileged user to escalate privileges to root once the helper is approved and active. This issue is fixed in version 4.5.2.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Pearcleaner 安全漏洞

Pearcleaner是Alin Lupascu个人开发者的一个mac应用程序清理工具。 Pearcleaner 4.4.0至4.5.1版本存在安全漏洞，该漏洞源于XPC服务暴露执行任意命令方法，可能导致权限提升。

N/A

N/A