/POC

A public collection of POCs & Exploits for the vulnerabilities I discovered

Primary LanguageObjective-CApache License 2.0Apache-2.0

POC

For research purposes only!

A public collection of POCs & Exploits for the vulnerabilities I discovered.

  • CVE-2022-22583 PackageKit: An application may be able to access restricted files (SIP Bypass)
  • CVE-2022-26690 PackageKit: A malicious application may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2022-32800 PackageKit: An app may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2022-26728 SoftwareUpdate: A malicious application may be able to access restricted files (TCC Bypass)
  • CVE-2022-22616 Safari Downloads: A maliciously crafted ZIP archive may bypass Gatekeeper checks (Gatekeeper Bypass)
  • CVE-2022-22639 SoftwareUpdate: An application may be able to gain elevated privileges
  • CVE-2022-26712 PackageKit: A malicious application may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2022-32786 PackageKit: An app may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2023-23525 LaunchServices: An app may be able to gain root privileges