CVE-2023-49313

CRITICAL

XMachOViewer 0.04 - Code Injection

Title source: llm

Description

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data.

Exploits (1)

nomisec WORKING POC 4 stars

by louiselalanne · poc

https://github.com/louiselalanne/CVE-2023-49313

View Code ZIP pw:eip

References (2)

[Product] https://github.com/horsicq/XMachOViewer

[Exploit, Third Party Advisory] https://github.com/louiselalanne/CVE-2023-49313

Scores

CVSS v3 9.8

EPSS 0.0417

EPSS Percentile 88.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-94

Status published

Products (1)

horsicq/xmachoviewer 0.04

Published Nov 28, 2023

Tracked Since Feb 18, 2026