DYLIB Injection Vulnerability in JetBrains Toolbox App on macOS
CVE-2022-48481

5.2MEDIUM

Key Information:

Vendor: Jetbrains
Status: Toolbox App
Vendor: CVE Published:; 28 April 2023

Summary

A vulnerability in the JetBrains Toolbox App prior to version 1.28 allows attackers to perform DYLIB injection on macOS systems. This could enable unauthorized access to sensitive data and execution of malicious code, putting users at risk. JetBrains has addressed this issue in subsequent updates, urging users to upgrade to ensure their systems are secure.

Affected Version(s)

Toolbox App macOS 0 < 1.28

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

5.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 28, 2023
Vulnerability Reserved
Apr 28, 2023