Exploitation Summary
EIP tracks 1 public exploit for CVE-2025-70341. PoCs published by malvector.
AI-analyzed exploit summary
This repository contains a functional proof-of-concept exploit for CVE-2025-70341, which leverages a TOCTOU race condition in App-Auto-Patch due to world-writable directory permissions and unsanitized `eval` usage in Installomator label parsing. The PoC demonstrates local privilege escalation by swapping a verified PKG with a malicious one, achieving arbitrary code execution as root.
Description
Insecure permissions in App-Auto-Patch v3.4.2 create a race condition which allows attackers to write arbitrary files.
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H