Back to directory
WRITEUP #17

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file writeArbitrary file deleteTCC bypass
by@Turmio_(Mikko Kenttälä)
Program
Apple (macOS)
Published
Sep 13, 2024
Added to HackDex
Sep 18, 2024
Read Full Writeuphttps://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b
RELATED WRITEUPS
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat