cve-2024-54529
×
bug-bounty
1121
microsoft
460
google
452
exploit
449
malware
377
xss
323
facebook
293
rce
293
apple
270
cve
235
supply-chain
231
writeup
182
web3
167
node
161
cloudflare
141
browser
131
phishing
124
sqli
120
aws
117
reverse-engineering
112
account-takeover
111
docker
103
dos
101
csrf
99
open-source
97
8
0
Technical deep-dive into exploiting CVE-2024-54529, a type confusion vulnerability in macOS's coreaudiod system daemon via the Mach messaging service. The author details the exploitation process of converting a crash into a working exploit through creative problem-solving, following their discovery via knowledge-driven fuzzing methodology.
type-confusion
macos-security
coreaudiod
cve-2024-54529
mach-ipc
exploit-development
kernel-exploitation
privilege-escalation
fuzzing
vulnerability-research
corekit-framework
system-daemon
CVE-2024-54529 · 18
CVE-2025-31235 · 15
projectzero.google
·
Dillon Franke, Google Information Security Engineering, 20% time on Project Zero·
2 months ago
·
exploit
·
details