VYPR
Medium severity 5.5 · NVD Advisory · Published Jan 21, 2025 · Updated Apr 15, 2026

CVE-2024-55504


Description

An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject arbitrary code, potentially leading to remote control and unauthorized access to sensitive user data, via the exploit_combined.dylib component on macOS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

RAR Extractor - Unarchiver Free and Pro v6.4.0 on macOS is vulnerable to arbitrary code injection via the exploit_combined.dylib component, potentially leading to remote control and data theft.

Vulnerability Analysis

CVE-2024-55504 affects RAR Extractor - Unarchiver Free and Pro version 6.4.0 on macOS. The issue involves a dylib injection vulnerability where the application loads a dynamic library (exploit_combined.dylib) without proper validation, allowing local attackers to inject arbitrary code [1][2].

Attack Vector

Exploitation requires local access to the affected macOS system. The attacker must place a malicious .dylib file in a location from which the application will load it. Since this is a local attack, it does not require network-based exploitation but can be chained with other vulnerabilities to escalate privileges or gain persistence [1].

Impact

Successful exploitation enables arbitrary code execution within the context of the RAR Extractor application. An attacker could leverage this to remotely control the system, access sensitive user data, or perform other unauthorized actions. The CVSS v3 base score is 5.5 (Medium), reflecting the requirement for local access [1][2].

Mitigation

The vendor has released version 6.4.2, which appears to address this vulnerability [3]. Users are strongly advised to update to the latest version from the Mac App Store. No public workarounds have been identified beyond removing the vulnerable application.

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
