Apple · Apple Macos · CVE-2017-2429
**Name of the Vulnerable Software and Affected Versions**
macOS versions prior to 10.12.4
**Description**
The issue involves the `FinderKit` component and allows remote attackers to bypass intended access restrictions by leveraging unexpected permission changes during an iCloud Sharing Send Link action. This is due to insufficient access control checks, which can be exploited by a remote attacker to bypass existing access restrictions by escalating privileges.
**Recommendations**
For macOS versions prior to 10.12.4, update to version 10.12.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `FinderKit` component until a patch is available.