CVE-2017-8665
HIGHMicrosoft Xamarin.ios < 10.11 - Incorrect Permission Assignment
Title source: ruleDescription
The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Securify · textlocalmacos
https://www.exploit-db.com/exploits/42454
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/42454/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100308
Patch, Release Notes, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8665
Scores
CVSS v3
7.8
EPSS
0.1076
EPSS Percentile
93.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (2)
microsoft/xamarin.ios
< 10.11
Microsoft Corporation/Xamarin.iOS
Xamarin.iOS
Published
Aug 15, 2017
Tracked Since
Feb 18, 2026