CVE-2023-41036
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 7, 2023
Updated: Mar 18, 2024
CWE ID 269
Summary
CVE-2023-41036 is a privilege escalation vulnerability affecting Macvim, a text editor for MacOS. Prior to version 178, Macvim employs an insecure interprocess communication (IPC) mechanism using Apple's distributed objects, which can be accessed by any program on the machine. This vulnerability could lead to a privilege escalation, potentially granting an attacker root access to the system. MacVim users who edit files requiring root privileges are at risk. Version 178 of Macvim includes a fix to address this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Mac Vim
Affected Vendors
- MacVim