{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41036", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-08-22T16:57:23.931Z", "datePublished": "2023-09-12T19:48:15.108Z", "dateUpdated": "2024-08-02T18:46:11.507Z"}, "containers": {"cna": {"title": "Macvim's Insecure Usage of IPC Mechanisms", "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "lang": "en", "description": "CWE-269: Improper Privilege Management", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv"}, {"name": "https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda", "tags": ["x_refsource_MISC"], "url": "https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda"}, {"name": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28", "tags": ["x_refsource_MISC"], "url": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28"}, {"name": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h", "tags": ["x_refsource_MISC"], "url": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h"}], "affected": [{"vendor": "macvim-dev", "product": "macvim", "versions": [{"version": "< 178", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-18T18:07:09.154Z"}, "descriptions": [{"lang": "en", "value": "Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication (IPC) mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What is not made clear in the documentation is that this service can vend this interface to any other program on the machine. The impact of exploitation is a privilege escalation to root - this is likely to affect anyone who is not careful about the software they download and use MacVim to edit files that would require root privileges. Version 178 contains a fix for this issue."}], "source": {"advisory": "GHSA-9jgj-jfwg-99fv", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:46:11.507Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv"}, {"name": "https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda"}, {"name": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28"}, {"name": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:macvim:macvim:*:*:*:*:*:macos:*:*", "matchCriteriaId": "3F7AD145-4C39-41D1-9400-48E0213E4EA8", "versionEndExcluding": "178", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication (IPC) mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What is not made clear in the documentation is that this service can vend this interface to any other program on the machine. The impact of exploitation is a privilege escalation to root - this is likely to affect anyone who is not careful about the software they download and use MacVim to edit files that would require root privileges. Version 178 contains a fix for this issue."}, {"lang": "es", "value": "Macvim es un editor de texto para MacOS. Antes de la versi\u00f3n 178, Macvim utiliza un mecanismo de Insecure Interprocess Communication (IPC) que podr\u00eda provocar una escalada de privilegios. Los objetos distribuidos son un concepto introducido por Apple que permite que un programa proporcione una interfaz a otro programa. Lo que no queda claro en la documentaci\u00f3n es que este servicio puede vender esta interfaz a cualquier otro programa en la m\u00e1quina. El impacto de la explotaci\u00f3n es una escalada de privilegios a root; esto probablemente afectar\u00e1 a cualquiera que no tenga cuidado con el software que descarga y use MacVim para editar archivos que requerir\u00edan privilegios de root. La versi\u00f3n 178 contiene una soluci\u00f3n para este problema."}], "id": "CVE-2023-41036", "lastModified": "2024-03-18T18:15:07.780", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-11-07T04:20:50.427", "references": [{"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28"}, {"source": "security-advisories@github.com", "url": "https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}