CVE-2023-50643

Exploitation Summary

EIP tracks 2 public exploits for CVE-2023-50643. PoCs published by giovannipajeu1.

AI-analyzed exploit summary The repository provides a technical writeup for CVE-2023-50643, detailing an arbitrary code execution vulnerability in Evernote for macOS v10.68.2 via the RunAsNode and enableNodeClilnspectArguments components. It includes screenshots of the exploitation process using the electroniz3r tool but lacks functional exploit code.

Description

An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components.

Exploits (2)

nomisec WRITEUP 8 stars

by giovannipajeu1 · poc

https://github.com/giovannipajeu1/CVE-2023-50643

View Code ZIP pw:eip

The repository provides a technical writeup for CVE-2023-50643, detailing an arbitrary code execution vulnerability in Evernote for macOS v10.68.2 via the RunAsNode and enableNodeClilnspectArguments components. It includes screenshots of the exploitation process using the electroniz3r tool but lacks functional exploit code.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Evernote for macOS v10.68.2

No auth needed

Prerequisites: Access to the target system · Evernote for macOS v10.68.2 installed

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

inthewild WRITEUP

poc

https://github.com/v3x0r/cve-2023-50643

View Code ZIP pw:eip

The repository provides a technical writeup for CVE-2023-50643, detailing an arbitrary code execution vulnerability in Evernote for macOS v10.68.2 via the RunAsNode and enableNodeClilnspectArguments components. It includes screenshots of the exploitation process using the electroniz3r tool but lacks functional exploit code.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Evernote for macOS v10.68.2

No auth needed

Prerequisites: electroniz3r tool · access to vulnerable Evernote instance

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources

https://www.electronjs.org/blog/statement-run-as-node-cves

Product

http://evernote.com

Exploit, Third Party Advisory

https://github.com/V3x0r/CVE-2023-50643

Evernote for macOS 10.68.2 - Remote Code Execution via RunAsNode and enableNodeClilnspectArguments

Exploitation Summary

Description

Exploits (2)

References (3)

Scores

CISA SSVC

Details