First published: Mon Oct 17 2022(Updated: )
An attacker can pre-create the `/Applications/Google\ Drive.app/Contents/MacOS` directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set its setuid bit. Since the attacker owns the directory, the attacker can replace the binary with a symlink, causing the installer to set the setuid bit on the symlink. When the symlink is executed, it will run with root permissions. We recommend upgrading past version 64.0
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Drive | <64.0 | |
Apple macOS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.