| 제목 | AppHouseKitchen AlDente - Charge Limiter < 1.30 Privilege Escalation |
|---|
| 설명 | AppHouseKitchen AlDente-Charge Limiter <1.30 is vulnerable to unauthorized privileged hardware operations due to its insecure XPC client validation. The XPC server does not verify whether the client is valid, an attacker can communicate with the XPC server and instruct it to perform privileged hardware operation, such as reading and modifying hardware settings, by calling exposed methods of the helper protocol. In certain situations, physical damage and danger are possible, such as overheat, instability. |
|---|
| 원천 | ⚠️ https://winslow1984.com/books/cve-collection/page/aldente-charge-limiter-130-unauthorized-privileged-hardware-operations |
|---|
| 사용자 | winslow1984 (UID 79140) |
|---|
| 제출 | 2025. 01. 31. AM 06:29 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 02. 06. PM 12:58 (6 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 294844 [AppHouseKitchen AlDente Charge Limiter 까지 1.29 켜짐 macOS XPC Service com.apphousekitchen.aldente-pro.helper shouldAcceptNewConnection 권한 상승] |
|---|
| 포인트들 | 20 |
|---|