CVE-2022-25366
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious .dylib file that can be executed via the DYLD_INSERT_LIBRARIES environment variable.
Cryptomator versiones hasta 1.6.5, permite una inyección de DYLIB porque, aunque presenta el flag 0x1000 para Hardened Runtime, presenta los derechos com.apple.security.cs.disable-library-validation y com.apple.security.cs.allow-dyld-environment-variables. Un atacante puede explotar esto creando un archivo .dylib malicioso que puede ser ejecutado por medio de la variable de entorno DYLD_INSERT_LIBRARIES
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-02-19 CVE Reserved
- 2022-02-19 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-426: Untrusted Search Path
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://medium.com/%40tehwinsam/cryptomator-1-6-5-dylib-injection-8004a1e90b26 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cryptomator.org | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cryptomator Search vendor "Cryptomator" | Cryptomator Search vendor "Cryptomator" for product "Cryptomator" | <= 1.6.5 Search vendor "Cryptomator" for product "Cryptomator" and version " <= 1.6.5" | - |
Affected
| ||||||