{"vulnerability": "CVE-2019-20057", "sightings": [{"uuid": "ec3bff9a-e7d2-40b7-87c4-968ab44d2d68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-20057", "type": "seen", "source": "https://t.me/ctinow/210309", "content": "https://ift.tt/PDVcLlp\nCVE-2019-20057 | Proxyman up to 1.11.0 on macOS Privileged Helper Tool Proxy data authenticity (Issue 364)", "creation_timestamp": "2024-03-18T09:41:36.000000Z"}, {"uuid": "3e4cdd4c-19c3-43c5-96d4-ba75c26e2ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-20057", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1258", "content": "#Threat_Research \nSecure coding XPC Services\nPart 1 - Why EvenBetterAuthorization is not enough? (PoC for CVE-2019-20057)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part1\nPart 2 - Checking CS (CodeSigning) flags of the client\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part2\nPart 3 - Incorrect client verification (PoC for CVE-2020-0984)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part3\nPart 4 - Improved client authorization (PoC for CVE-2020-14978)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part4\nPart 5 - PID reuse attacks (PoC for CVE-2020-14977)\nhttps://theevilbit.github.io/posts/secure_coding_xpc_part5", "creation_timestamp": "2021-01-28T15:59:56.000000Z"}]}