mach-ipc
×
bug-bounty
1171
google
499
microsoft
484
exploit
482
xss
426
malware
402
rce
310
facebook
310
apple
286
cve
255
supply-chain
240
writeup
201
node
188
web3
169
cloudflare
148
browser
142
phishing
133
account-takeover
121
sqli
121
aws
119
reverse-engineering
117
csrf
108
docker
106
dos
104
open-source
97
8
0
Technical deep-dive into exploiting CVE-2024-54529, a type confusion vulnerability in macOS's coreaudiod system daemon via the Mach messaging service. The author details the exploitation process of converting a crash into a working exploit through creative problem-solving, following their discovery via knowledge-driven fuzzing methodology.
type-confusion
macos-security
coreaudiod
cve-2024-54529
mach-ipc
exploit-development
kernel-exploitation
privilege-escalation
fuzzing
vulnerability-research
corekit-framework
system-daemon
CVE-2024-54529 · 18
CVE-2025-31235 · 15
projectzero.google
·
Dillon Franke, Google Information Security Engineering, 20% time on Project Zero·
2 months ago
·
exploit
·
details