Skip to content
View kohnakagawa's full-sized avatar
🌴
On vacation
🌴
On vacation
117 followers · 18 following

Achievements

Achievement: YOLOAchievement: Starstruckx2Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: YOLOAchievement: Starstruckx2Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Block or report kohnakagawa

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
kohnakagawa/README.md

CVE List

CVE Platform Vendor Product Classification
CVE-2022-3155 macOS Mozilla Thunderbird Gatekeeper bypass
CVE-2022-3421 macOS Google Google Drive for Desktop LPE
CVE-2022-28768 macOS Zoom Zoom for macOS Installers LPE
CVE-2022-42789 macOS Apple macOS (AppleMobileFileIntegrity) TCC bypass
CVE-2023-21611 macOS Adobe Adobe Acrobat Reader LPE
CVE-2023-21612 macOS Adobe Adobe Acrobat Reader LPE
CVE-2023-23533 macOS Apple macOS (Sandbox) SIP bypass
CVE-2023-24930 macOS Microsoft OneDrive LPE
CVE-2023-25953 macOS WORKS MOBILE Japan LINE WORKS Drive Explorer TCC bypass
CVE-2023-26396 macOS Adobe Adobe Acrobat Reader LPE
CVE-2023-27529 macOS Wacom Wacom Tablet Driver installer LPE
CVE-2023-28261 macOS Microsoft Microsoft Edge (Chromium-based) LPE
CVE-2023-28596 macOS Zoom Zoom for macOS Installers LPE
CVE-2023-28600 macOS Zoom Zoom for macOS clients LPE
CVE-2023-29166 macOS Apple Pro Video Formats SIP bypass
CVE-2023-32357 macOS Apple macOS (Sandbox) TCC bypass (App Protection)
CVE-2023-32546 macOS Chatwork Chatwork Desktop Application TCC bypass
CVE-2023-41775 macOS L is B Corp. "direct" Desktop App for macOS TCC bypass
CVE-2023-41979 macOS Apple macOS (XProtectFramework) SIP bypass
CVE-2023-42860 macOS Apple macOS (PackageKit) SIP bypass
CVE-2023-42876 macOS Apple macOS (BOM) Out-of-bounds read
CVE-2023-42886 macOS Apple macOS (CoreServices) Buffer overread
CVE-2024-23201 iOS/macOS Apple iOS/macOS (libxpc) DoS
CVE-2024-40843 macOS Apple macOS (XProtect) TCC bypass

CVE not assigned (but acknowledged)

Platform Vendor Product Link Memo
macOS Apple macOS (APFS) Apple Security Updates APFS timestamp flaw
macOS Apple macOS (File Quarantine) Apple Security Updates Gatekeeper bypass
macOS Apple macOS (quarantine) Apple Security Updates Gatekeeper bypass
macOS Apple macOS (Rosetta) Apple Security Updates XProtect bypass
macOS Apple macOS (Automator) Apple Security Updates ??

Talks

Conference Title
Black Hat EU 2020 Jack-in-the-Cache: A New Code injection Technique through Modifying X86-to-ARM Translation Cache
CODE BLUE 2021 Appearances are deceiving: Novel offensive techniques in Windows 10/11 on ARM
Black Hat Asia 2023 Dirty Bin Cache: A New Code Injection Poisoning Binary Translation Cache
CODE BLUE 2023 Bypassing macOS Security and Privacy Mechanisms: From Gatekeeper to System Integrity Protection

Pinned Loading

  1. gdt_helper gdt_helper Public

    Ghidra Data Type (GDT) Helper

    Python 45 5

  2. PracticalPCode PracticalPCode Public

    Practical P-Code examples

    C 43 3

  3. cidre-vm cidre-vm Public

    Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware

    Shell 28 3