{"vulnerability": "CVE-2020-4008", "sightings": [{"uuid": "17e0a274-055c-4997-8cce-5838e382a942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4008", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2308", "content": "Attacking Unattended Installs on macOS\nhttps://medium.com/tenable-techblog/attacking-unattended-installs-on-macos-dfc1f57984e0\n]-> Carbon Black Installer Multiple Vulnerabilities (PoC for CVE-2020-4008)\nhttps://www.tenable.com/security/research/tra-2020-69\n]-> Druva inSync Installer Privilege Escalation (PoC for CVE-2020-5798)\nhttps://www.tenable.com/security/research/tra-2020-67", "creation_timestamp": "2020-12-17T11:07:01.000000Z"}, {"uuid": "4abaed70-3051-4490-b786-620bc6c886d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4008", "type": "seen", "source": "https://t.me/cibsecurity/20936", "content": "\u203c CVE-2020-4008 \u203c\n\nThe installer of the macOS Sensor for VMware Carbon Black Cloud prior to 3.5.1 handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor installation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T18:41:51.000000Z"}]}