Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arduino IDE for macOS has Insecure File Permissions
Vulnerability Description
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the application, the malicious code executes with that user's privileges, enabling privilege escalation and unauthorized access to sensitive data. The fix is included starting from the `2.3.7` release.
CVSS Information
N/A
Vulnerability Type
缺省权限不正确
Vulnerability Title
Arduino IDE 安全漏洞
Vulnerability Description
Arduino IDE是Arduino开源的一个开发工具。 Arduino IDE 2.3.7之前版本存在安全漏洞,该漏洞源于文件权限配置不当,可能导致权限提升和敏感数据访问。
CVSS Information
N/A
Vulnerability Type
N/A