CVE-2022-25366

Name of the Vulnerable Software and Affected Versions Cryptomator versions 1.6.5 and earlier

Description The issue allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious .dylib file that can be executed via the DYLD INSERT LIBRARIES environment variable.

Recommendations For Cryptomator versions 1.6.5 and earlier, consider disabling the use of the DYLD INSERT LIBRARIES environment variable to minimize the risk of exploitation until a patch is available. Restrict access to the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements to prevent malicious .dylib files from being executed. At the moment, there is no information about a newer version that contains a fix for this issue.