{"uuid": "3bcbc883-e870-4813-adff-ae974fc12113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3721", "content": "The article will cover several basic concepts in macOS to provide the relevant background that will help the reader understand the process of identifying the weakness and writing an exploit that will gain a local privilege escalation by getting access to the camera through the permissions that were prreviously ganted to the Telegram application.\n. . .\nAfter that, we will write the Dylib that will be used in the exploit to perform the recording from the camera and save it to a file.\n\n\u0420\u0435\u0430\u043a\u0446\u0438\u044f Telegram \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u043f\u043e\u0445\u0443\u0439+\u043f\u043e\u0445\u0443\u0439\n\nCVE-2023-26818 - Bypass TCC with Telegram in macOS\nhttps://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/", "creation_timestamp": "2023-05-16T21:51:19.000000Z"}