MEDIUM🇵🇱 Wersja polska

CVE-2018-10407

CVSS 5.5v3.0pub. 2018-06-13upd. 2024-11-21

An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  • Carbonblack Carbon Black Cb

    APP
    Carbonblack
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2016-9568CRITICAL9.8ten sam vendor

A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform un...

CVE-2016-9570HIGH7.5ten sam vendor

cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid ...

CVE-2016-9569MEDIUM4.4ten sam vendor

The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial...

CVE-2014-1615MEDIUM6.8ten sam vendor

Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers...