CVE-2019-8805 PoC — Apple macOS Catalina System Extensions组件输入验证错误漏洞

Source

https://github.com/securelayer7/CVE-2019-8805

Associated Vulnerability

Title:Apple macOS Catalina System Extensions组件输入验证错误漏洞 (CVE-2019-8805)
Description:Apple macOS Catalina是美国苹果（Apple）公司的一套专为Mac计算机所开发的专用操作系统。System Extensions是其中的一个系统扩展程序。 Apple macOS Catalina 10.15.1之前版本中存在System Extensions组件存在安全漏洞。攻击者可利用该漏洞以系统权限执行任意代码。

Description

Exploit for CVE-2019-8805 Apple EndpointSecurity framework Privilege Escalation

Readme

# CVE-2019-8805
Exploit for CVE-2019-8805 Apple EndpointSecurity framework Privilege Escalation

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.

# Compile and Execute

- Compile
```
gcc -framework Foundation appleEPSPrivEsc.m -o appleEPSPrivEsc
```
- Execute
```
./appleEPSPrivEsc
```

![image](https://github.com/user-attachments/assets/a145a515-ae05-4cb4-91e2-b7da69037a22)

File Snapshot


 [4.0K]  /data/pocs/3c76b152741b2bbb00282b12d4db176527f57591
├── [5.3K]  appleEPSPrivEsc.m
└── [ 592]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!