Security & Compliance
DEVO-2023-0021
Zusammenfassung
Remote Desktop Manager for macOS is affected by a vulnerability.
Betroffene Produkte
Remote Desktop Manager for macOS 2023.3.9.3 and earlier
Änderungsprotokoll
2023-12-06 - Initial publication
Schweregrad
Low
Produkt
Remote Desktop Manager macOS
Behobene Version
2023.3.10.2
Code injection via environment variable
Beschreibung
Code injection in Remote Desktop Manager 2023.3.9.3 and earlier on macOS allows an attacker to execute code via the DYLIB_INSERT_LIBRARIES environment variable.
Behebungen und Workarounds
Upgrade to Remote Desktop Manager macOS 2023.3.10.2 or higher.
Schweregrad
4.8 Medium CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/U:Green
Betroffene Produkte
Remote Desktop Manager macOS 2023.3.9.3 and earlier
CVE(s)
CVE-2023-6288
Danksagungen
YoKo Kho (@yokoacc) and Fahad Alamri (@r3m0t3nu11) from HakTrak Cybersecurity Squad (HakTrak.com)