CVE-2014-4492

Apple iOS <8.1.3, OS X <10.10.2, TV <7.0.3 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-4492. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit targets CVE-2014-4492 in Apple's networkd service by leveraging a heap spray technique and ROP gadgets to achieve arbitrary code execution. It uses a crafted XPC message to trigger the vulnerability and execute a command via a fake Objective-C class structure.

Description

libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · clocalosx

https://www.exploit-db.com/exploits/35847

View Code ZIP pw:eip

This exploit targets CVE-2014-4492 in Apple's networkd service by leveraging a heap spray technique and ROP gadgets to achieve arbitrary code execution. It uses a crafted XPC message to trigger the vulnerability and execute a command via a fake Objective-C class structure.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Apple networkd service (macOS)

No auth needed

Prerequisites: Access to the target system · Compilation with Lorgnette library

MITRE ATT&CK