CVE-2019-8855 and CVE-2020-3889: macOS and protected files
2020-04-03 11:10 | Lasse Trolle Borup
In this post I will document two simple logic bugs I reported to Apple last year. The first, CVE-2019-8855, had been previously found by their own team and a fix was deployed last year. The second, CVE-2020-3889 was fixed in the latest security update. The two bugs are very similar, and both can be exploited with a few commands in a terminal. They are quite simple, and they demonstrate that sometimes a security boundary can be challenged with some guesswork, without knowing all the intricate details of the implementation.