{"uuid": "42007ebf-9ba6-45db-be19-e0dc809658c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14977", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1258", "content": "#Threat_Research \nSecure coding XPC Services\nPart 1 - Why EvenBetterAuthorization is not enough? (PoC for CVE-2019-20057)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part1\nPart 2 - Checking CS (CodeSigning) flags of the client\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part2\nPart 3 - Incorrect client verification (PoC for CVE-2020-0984)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part3\nPart 4 - Improved client authorization (PoC for CVE-2020-14978)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part4\nPart 5 - PID reuse attacks (PoC for CVE-2020-14977)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part5", "creation_timestamp": "2021-01-28T15:59:56.000000Z"}