{"vulnerability": "CVE-2023-26818", "sightings": [{"uuid": "3bcbc883-e870-4813-adff-ae974fc12113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3721", "content": "The article will cover several basic concepts in macOS to provide the relevant background that will help the reader understand the process of identifying the weakness and writing an exploit that will gain a local privilege escalation by getting access to the camera through the permissions that were prreviously ganted to the Telegram application.\n. . .\nAfter that, we will write the Dylib that will be used in the exploit to perform the recording from the camera and save it to a file.\n\n\u0420\u0435\u0430\u043a\u0446\u0438\u044f Telegram \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u043f\u043e\u0445\u0443\u0439+\u043f\u043e\u0445\u0443\u0439\n\nCVE-2023-26818 - Bypass TCC with Telegram in macOS\nhttps://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/", "creation_timestamp": "2023-05-16T21:51:19.000000Z"}, {"uuid": "e66db366-3ef7-45e0-9bc8-4fc0149f7288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11480", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 #Untested CVE-2023-26818: Exploit MacOS TCC Bypass W/ Telegram. You can read the vulnerability analysis Part 1 and Part 2 for sandbox bypass.\n\nhttps://github.com/Zeyad-Azima/CVE-2023-26818", "creation_timestamp": "2023-09-01T16:30:14.000000Z"}, {"uuid": "7e66ab74-312e-4bec-8d6d-5551037986ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5118", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-26818 Exploit MacOS TCC Bypass W/ Telegram\nURL\uff1ahttps://github.com/Zeyad-Azima/CVE-2023-26818\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-11T12:54:37.000000Z"}, {"uuid": "167b2b59-dec2-47fd-aad6-d1fe99c6a03e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/176", "content": "\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f\u06cc \u062f\u0631 \u0646\u0633\u062e\u0647 \u0645\u06a9 \u062a\u0644\u06af\u0631\u0627\u0645 \u067e\u06cc\u062f\u0627 \u0634\u062f\u0647 \u06a9\u0647 \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0648 \u0645\u06cc\u06a9\u0631\u0648\u0641\u0648\u0646 \u0634\u0645\u0627 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f.\n\u0627\u06cc\u0646 \u0627\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u0645\u0647\u0646\u062f\u0633 \u062f\u0631 \u06af\u0648\u06af\u0644 \u067e\u06cc\u062f\u0627 \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0628\u0647 \u062a\u0644\u06af\u0631\u0627\u0645 \u06af\u0632\u0627\u0631\u0634 \u0634\u062f\u0647 \u0648 \u0637\u0628\u0642 \u0645\u0639\u0645\u0648\u0644 \u062a\u0644\u06af\u0631\u0627\u0645 \u0628\u0647 \u0622\u0646 \u0631\u0633\u06cc\u062f\u06af\u06cc \u0646\u06a9\u0631\u062f\u0647.\nhttps://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram", "creation_timestamp": "2023-05-16T09:58:06.000000Z"}, {"uuid": "cc9520b4-92b4-4195-b607-bbf7b13bda66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "Telegram/2z7cIAzK_voKeTZhFLfjQgiTkLBoUgw0bFPWcd2G3pBKZ7k", "content": "", "creation_timestamp": "2023-07-07T11:13:58.000000Z"}, {"uuid": "e9ebdb55-1c95-471c-a464-a5d7fc0ef66b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4383", "content": "\ud83d\udcf2 \u041c\u044d\u0442\u0442 \u0419\u043e\u0445\u0430\u043d\u0441\u0435\u043d: \u0412 Telegram \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0430\u0451\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u043c\u0435\u0440\u0435 \u0438 \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\ud83d\udd0dhttps://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram\n\n\ud83d\udc46\"\u042f \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u043e\u0442\u0432\u0435\u0442\u0430 \u043e\u0442 Telegram \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u043c\u0435\u0441\u044f\u0446\u0430, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0431\u044b\u043b\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u043e\u0432 \u0441 \u043d\u0438\u043c\u0438 \u0438 \u0434\u0430\u0436\u0435 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0441\u044f \u0442\u0438\u043a\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 VINCE. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u0448\u043b\u043e \u0442\u0440\u0438 \u043c\u0435\u0441\u044f\u0446\u0430, \u044f \u0440\u0435\u0448\u0438\u043b \u043f\u0440\u0438\u0434\u0430\u0442\u044c \u043e\u0433\u043b\u0430\u0441\u043a\u0435 \u044d\u0442\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e\", - \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440.\n\n\u270b @Russian_OSINT", "creation_timestamp": "2023-05-16T12:07:17.000000Z"}, {"uuid": "2ff539c6-af7b-4b35-9792-7362ed8e3344", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "seen", "source": "https://t.me/cibsecurity/64460", "content": "\u203c CVE-2023-26818 \u203c\n\nTelegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T16:33:00.000000Z"}, {"uuid": "5cd495d4-8a4d-4153-88f7-c2dd6a472fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/Russian_OSINT/2546", "content": "\ud83d\udcf2 \u041c\u044d\u0442\u0442 \u0419\u043e\u0445\u0430\u043d\u0441\u0435\u043d: \u0412 Telegram \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0430\u0451\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u043c\u0435\u0440\u0435 \u0438 \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\ud83d\udd0dhttps://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram\n\n\ud83d\udc46\"\u042f \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u043e\u0442\u0432\u0435\u0442\u0430 \u043e\u0442 Telegram \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u043c\u0435\u0441\u044f\u0446\u0430, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0431\u044b\u043b\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u043e\u0432 \u0441 \u043d\u0438\u043c\u0438 \u0438 \u0434\u0430\u0436\u0435 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0441\u044f \u0442\u0438\u043a\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 VINCE. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u0448\u043b\u043e \u0442\u0440\u0438 \u043c\u0435\u0441\u044f\u0446\u0430, \u044f \u0440\u0435\u0448\u0438\u043b \u043f\u0440\u0438\u0434\u0430\u0442\u044c \u043e\u0433\u043b\u0430\u0441\u043a\u0435 \u044d\u0442\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e\", - \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440.\n\n\u270b @Russian_OSINT", "creation_timestamp": "2023-05-15T23:10:39.000000Z"}, {"uuid": "56007a17-e07c-4625-ba2e-9bc2384910d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/969", "content": "https://github.com/Zeyad-Azima/CVE-2023-26818\nExploit MacOS TCC Bypass W/ Telegram\n#github", "creation_timestamp": "2023-08-31T05:16:49.000000Z"}, {"uuid": "42d6d728-0a49-4c31-b664-2a3d274964c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26818", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8944", "content": "#exploit\n1. CVE-2023-39141:\nAria2 WebUI - Path traversal\nhttps://github.com/codeb0ss/CVE-2023-39141-PoC\n\n2. CVE-2023-34040:\nSpring Kafka Deserialization Vulnerability\nhttps://github.com/Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040\n\n3. CVE-2023-26818:\nExploit MacOS TCC Bypass W/ Telegram\nhttps://github.com/Zeyad-Azima/CVE-2023-26818", "creation_timestamp": "2023-08-31T10:59:01.000000Z"}]}