Security Advisory

CVE-2024-41165

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-18 22:39:44
Last updated 2024-12-20 17:32:16
Assigner talos
State PUBLISHED

Description

A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Words access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable applications permissions.