CVE-2017-2429

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.12.4

Description The issue involves the FinderKit component and allows remote attackers to bypass intended access restrictions by leveraging unexpected permission changes during an iCloud Sharing Send Link action. This is due to insufficient access control checks, which can be exploited by a remote attacker to bypass existing access restrictions by escalating privileges.

Recommendations For macOS versions prior to 10.12.4, update to version 10.12.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the FinderKit component until a patch is available.