Vulnerability Details CVE-2020-27192
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-27192
-
cpe:2.3:a:binarynights:forklift:3.0
-
cpe:2.3:a:binarynights:forklift:3.0.1
-
cpe:2.3:a:binarynights:forklift:3.0.2
-
cpe:2.3:a:binarynights:forklift:3.0.3
-
cpe:2.3:a:binarynights:forklift:3.0.4
-
cpe:2.3:a:binarynights:forklift:3.0.5
-
cpe:2.3:a:binarynights:forklift:3.0.6
-
cpe:2.3:a:binarynights:forklift:3.0.7
-
cpe:2.3:a:binarynights:forklift:3.0.8
-
cpe:2.3:a:binarynights:forklift:3.0.9
-
cpe:2.3:a:binarynights:forklift:3.1
-
cpe:2.3:a:binarynights:forklift:3.1.1
-
cpe:2.3:a:binarynights:forklift:3.1.2
-
cpe:2.3:a:binarynights:forklift:3.2
-
cpe:2.3:a:binarynights:forklift:3.2.1
-
cpe:2.3:a:binarynights:forklift:3.2.2
-
cpe:2.3:a:binarynights:forklift:3.2.3
-
cpe:2.3:a:binarynights:forklift:3.2.4
-
cpe:2.3:a:binarynights:forklift:3.2.5
-
cpe:2.3:a:binarynights:forklift:3.2.6
-
cpe:2.3:a:binarynights:forklift:3.2.7
-
cpe:2.3:a:binarynights:forklift:3.2.8
-
cpe:2.3:a:binarynights:forklift:3.2.9
-
cpe:2.3:a:binarynights:forklift:3.3
-
cpe:2.3:a:binarynights:forklift:3.3.1
-
cpe:2.3:a:binarynights:forklift:3.3.2
-
cpe:2.3:a:binarynights:forklift:3.3.3
-
cpe:2.3:a:binarynights:forklift:3.3.4
-
cpe:2.3:a:binarynights:forklift:3.3.5
-
cpe:2.3:a:binarynights:forklift:3.3.6
-
cpe:2.3:a:binarynights:forklift:3.3.7
-
cpe:2.3:a:binarynights:forklift:3.3.8
-
cpe:2.3:a:binarynights:forklift:3.3.9
-
cpe:2.3:a:binarynights:forklift:3.4