CVE-2024-23745

An attacker who can modify a .nib file bundled within the Notion Web Clipper application can embed arbitrary commands in the NIB file. Because macOS Gatekeeper may incorrectly cache the application's code signature and fail to re-validate it after the NIB file is altered, the modified application can still be launched. When the application loads the tampered NIB, the embedded commands execute within the application's context [ref_id=1]. The attack requires the attacker to have write access to the application bundle on the victim's machine.

The advisory does not identify specific functions, files, or code paths. The vulnerability concerns the Notion Web Clipper 1.0.3(7) macOS application's handling of .nib files, which are Interface Builder resource files loaded by the application at runtime.

No patch is provided in the bundle. The vendor's position, as noted in the CVE description, is that this is not a product-level vulnerability but rather an instance of CVE-2022-48505, relating to incorrect caching of file signatures by macOS Gatekeeper. The vendor states that a product-level fix cannot be made because the root cause lies in the operating system's signature caching behavior, not in the Notion Web Clipper application itself [ref_id=1].