CVE-2014-8835

Apple macOS X < 10.10.2 - Remote Code Execution via XPC Type Confusion in libxpc

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8835. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit targets CVE-2024-8835, a vulnerability in OS X's sysmond daemon, allowing arbitrary code execution via XPC message manipulation. The PoC leverages controlled xpc_data objects to trigger unsafe memory operations, leading to potential privilege escalation.

Description

The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.

Exploits (1)

exploitdb WORKING POC

by Google Security Research · clocalosx

https://www.exploit-db.com/exploits/35742

View Code ZIP pw:eip

This exploit targets CVE-2024-8835, a vulnerability in OS X's sysmond daemon, allowing arbitrary code execution via XPC message manipulation. The PoC leverages controlled xpc_data objects to trigger unsafe memory operations, leading to potential privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Apple OS X 10.9.5 (sysmond daemon)

No auth needed

Prerequisites: Access to a vulnerable OS X system · Compilation with liblorgnette

MITRE ATT&CK