N-gated Hacker News🥳 Oh joy, another "accidental" #macOS #discovery by a tech savant who just couldn’t resist opening thousands of #Chrome #tabs for science! 😂 Congrats, Yaseen, you've unlocked the secret treasure of #bugs that #Apple probably won't fix until macOS retires in 2050. 🍎🔧
https://yaseenghanem.com/recovery-unrestricted-write-access/ #techsavant #HackerNews #ngated
https://yaseenghanem.com/recovery-unrestricted-write-access/ #techsavant #HackerNews #ngated
macOS Recovery Mode Safari allowed unrestricted writes to system partitions (and root persistence)
I accidentally discovered 2 vulnerabilities in macOS Recovery Mode's Safari: one allowing arbitrary writes to system partitions and root persistence (CVSS 8.5), the other allowing unrestricted file reads (CVSS 4.6).