CVE-2001-1165

Intego FileGuard 4.0 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1165. PoCs published by MacSec.

AI-analyzed exploit summary The exploit describes a vulnerability in Intego FileGuard where weak encryption allows local users to decrypt stored passwords, bypassing access controls. The provided tool 'Disengage' automates this process, enabling privilege escalation.

Description

Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool.

Exploits (1)

exploitdb WRITEUP VERIFIED
by MacSec · textlocalosx
https://www.exploit-db.com/exploits/21076

The exploit describes a vulnerability in Intego FileGuard where weak encryption allows local users to decrypt stored passwords, bypassing access controls. The provided tool 'Disengage' automates this process, enabling privilege escalation.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Intego FileGuard (Mac OS 7-9.1)
No auth needed
Prerequisites: Local access to the system · Presence of encrypted passwords stored by Intego FileGuard
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3213
Various Sources x_refsource_misc
http://www.securemac.com/fileguard.php#disengage
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7018.php

Scores

EPSS 0.0049
EPSS Percentile 38.5%

Details

Status published
Products (2)
intego/diskguard 2.0
intego/fileguard 4.0
Published Apr 01, 2002
Tracked Since Feb 18, 2026