Month: October 2023

• CVE-2022-26730 | ColorSync

  

  CVE-2022-26730 | ColorSync | Processing a maliciously crafted image may lead to arbitrary code execution.

  h02332

  October 26, 2023

  Apple

  CVE-2022-26730, ICC Color Profile, XNU

• XNU Crash Analysis

  

  This Article is intended for quick assessment of XNU Crash Analysis. Manually debugging the Code is the only way to be sure something is or isn’t exploitable. A Crash is only a security issue if it is triggered by untrusted input.

  h02332

  October 9, 2023

  Apple

  Best Practice, Crash, Exploit, man, rtfm, Transparency

• SRD Cryptex Installation

  

  This Post will cover Connecting your Apple Security Research Device (SRD) to an X86_64 or M1 for installation of a cryptex using a Host.

  h02332

  October 9, 2023

  Apple, cryptexctl, Install, SecurityResearchTools_21C39

  Build, Code Signing, Make, SDK, SRD