A path handling issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to overwrite arbitrary files.
Se abordó un problema de manejo de rutas con una comprobación mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. Una aplicación maliciosa puede sobrescribir archivos arbitrarios
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the printtool daemon. The issue results from the lack of proper validation of printer icon data prior to further processing. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root.
