CVE-2024-45599
CVSS 3.1 Score 3.8 of 10 (low)
Details
Summary
CVE-2024-45599 is a vulnerability affecting the Cursor artificial intelligence code editor prior to version 0.41.0. If a user on macOS grants Cursor access to the camera or microphone, any program running on the machine can access these devices without explicit permission through dylib injection using the `DYLD_INSERT_LIBRARIES` environment variable. This is due to the use of entitlements such as `com.apple.security.cs.allow-dyld-environment-variables` and `com.apple.security.cs.disable-library-validation`. The vulnerability allows untrusted code to access the camera or microphone if the user has already given permission to Cursor. In version 0.41.0, the entitlements have been split between the main process and the extension host process to mitigate the issue. As a workaround, it is recommended not to grant Cursor explicit permission to access the camera or microphone if untrusted users can run arbitrary commands on the affected machine.
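An added example, not code from the advisory or from Cursor: a Python check that parses an entitlements plist (as printed by `codesign -d --entitlements :- <binary>`) and flags a binary that carries both entitlements named above together with camera or microphone access. The device entitlement keys and the sample plists are constructed assumptions, not Cursor's actual entitlement files.

```python
import plistlib

# The two entitlements named in the advisory.
INJECTION_KEYS = (
    "com.apple.security.cs.allow-dyld-environment-variables",
    "com.apple.security.cs.disable-library-validation",
)
# Assumption: Apple's hardened-runtime device entitlements (not listed on the page).
DEVICE_KEYS = (
    "com.apple.security.device.camera",
    "com.apple.security.device.audio-input",
)


def audit_entitlements(plist_bytes):
    """Report which injection and device entitlements are set to true."""
    ent = plistlib.loads(plist_bytes)
    injection = [k for k in INJECTION_KEYS if ent.get(k) is True]
    devices = [k for k in DEVICE_KEYS if ent.get(k) is True]
    return {
        "injection": injection,
        "devices": devices,
        # Risky: one binary honours DYLD_* variables, skips library
        # validation, and is also entitled to reach the camera or microphone.
        "risky": len(injection) == len(INJECTION_KEYS) and bool(devices),
    }


def _plist(keys):
    """Build a constructed XML entitlements plist with the given keys set true."""
    return plistlib.dumps({k: True for k in keys})


# Constructed samples (illustrative only).
COMBINED = _plist(INJECTION_KEYS + DEVICE_KEYS)   # everything on one binary
SPLIT_MAIN = _plist(DEVICE_KEYS)                  # device access, no injection keys
SPLIT_HELPER = _plist(INJECTION_KEYS)             # injection keys, no device access

if __name__ == "__main__":
    for name, blob in (("combined", COMBINED),
                       ("split-main", SPLIT_MAIN),
                       ("split-helper", SPLIT_HELPER)):
        result = audit_entitlements(blob)
        print(f"{name}: risky={result['risky']} "
              f"injection={len(result['injection'])} devices={len(result['devices'])}")
```

Run it against the plist of every signed binary inside an app bundle, since helper processes carry their own entitlements.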