lpe

• December 13, 2020 Reversing engineering the fix of CVE-2020-9771
• July 3, 2020 CVE-2020-9771 - mount_apfs TCC bypass and privilege escalation
• June 16, 2020 Secure coding XPC Services - Part 5 - PID reuse attacks (CVE-2020-14977)
• June 12, 2020 Secure coding XPC Services - Part 4 - Improved client authorization (CVE-2020-14978)
• May 29, 2020 Secure coding XPC Services - Part 3 - Incorrect client verification (CVE-2020-0984)
• March 18, 2020 Exploiting directory permissions on macOS
• January 12, 2020 Secure coding XPC services - Part 1 - Why EvenBetterAuthorization is not enough? (CVE-2019-20057)
• October 12, 2019 IOBit Unlocker 1.1.2 - Local Privilege Escalation (CVE-2020-14974 & CVE-2020-14975)
• August 9, 2019 UninstallString - a possible LPE via Social Engineering
• July 9, 2019 DYLD_INSERT_LIBRARIES DYLIB injection in macOS / OSX
• June 1, 2019 macOS - Getting root with benign AppStore apps