Soumettre #641358: alaneuler batteryKid v2.1 Missing Authentication for Critical Functioninformation

Titrealaneuler batteryKid v2.1 Missing Authentication for Critical Function
DescriptionbatteryKid for macOS up to 2,1 registers a root-privileged XPC helper (me.alaneuler.batteryKid.PrivilegeHelper) that unconditionally accepts incoming connections without client validation. The helper exposes methods to read and write System Management Controller (SMC) keys, allowing any local process to invoke privileged hardware operations.
La source⚠️ https://github.com/SwayZGl1tZyyy/n-days/blob/main/batteryKid/README.md
Utilisateur
 SwayZGl1tZyyy (UID 88771)
Soumission25/08/2025 20:03 (il y a 8 mois)
Modérer01/09/2025 23:06 (7 days later)
StatutAccepté
Entrée VulDB322142 [alaneuler batteryKid jusqu’à 2.1 sur macOS NSXPCListener PrivilegeHelper.swift authentification faible]
Points18

PrécédentAperçuSuivant

Want to know what is going to be exploited?

We predict KEV entries!