Fast CAD Reader Incorrect File Permissions Vulnerability Allowing Dylib Hijacking on macOS
Vulnerability
A vulnerability exists in the Fast CAD Reader application for macOS, developed by Beijing Honghu Yuntu Technology. The application is installed with overly permissive file permissions that allow all users and applications to read, write, and execute its files. This setting is contrary to standard macOS security practices, which recommend more restrictive permissions. The excessive permissions can be exploited for dylib hijacking, a technique that allows for privilege escalation. The vulnerability is present in all versions of Fast CAD Reader through 4.1.5.
Impact
Exploitation of this vulnerability can lead to unauthorized privilege escalation by allowing a user or application to gain elevated rights.
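A defender-side check for the permission problem described under Vulnerability, added here as an example and not taken from the vendor or the original advisory: it walks an application bundle and reports every directory, library or other file that is writable by all users. The `Sample.app` layout and `libexample.dylib` are constructed test data, and the path in the usage comment is a placeholder because the advisory does not give the install location.

```python
import os
import stat
import sys

# Suffixes of loadable code; overwriting one runs code inside the app's process.
CODE_SUFFIXES = (".dylib", ".so", ".bundle")


def audit_bundle(bundle_path):
    """Return sorted (relative_path, octal_mode, reason) for world-writable items."""
    findings = []
    for root, _dirs, files in os.walk(bundle_path):
        for path in [root] + [os.path.join(root, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode) or not st.st_mode & stat.S_IWOTH:
                continue  # symlink modes are meaningless; others are not writable
            if stat.S_ISDIR(st.st_mode):
                # Any user can add or swap files in a world-writable directory.
                reason = "world-writable directory"
            elif path.endswith(CODE_SUFFIXES) or st.st_mode & stat.S_IXUSR:
                reason = "world-writable code"
            else:
                reason = "world-writable file"
            rel = os.path.relpath(path, bundle_path)
            findings.append((rel, oct(stat.S_IMODE(st.st_mode)), reason))
    return sorted(findings)


def build_sample_bundle(base):
    """Constructed sample: a fake bundle with a 0777 Frameworks dir and library."""
    app = os.path.join(base, "Sample.app")
    frameworks = os.path.join(app, "Contents", "Frameworks")
    os.makedirs(frameworks)
    modes = {
        os.path.join(app, "Contents", "Info.plist"): 0o644,
        os.path.join(frameworks, "libexample.dylib"): 0o777,
    }
    for path, mode in modes.items():
        with open(path, "wb"):
            pass
        os.chmod(path, mode)
    os.chmod(app, 0o755)
    os.chmod(os.path.join(app, "Contents"), 0o755)
    os.chmod(frameworks, 0o777)
    return app


if __name__ == "__main__":
    # Usage: python3 audit_bundle.py /Applications/<AppName>.app (placeholder path)
    for rel, mode, reason in audit_bundle(sys.argv[1]):
        print(f"{mode}  {reason:26}  {rel}")
```

An empty result means nothing in the bundle is writable by "other"; any finding on a directory or library is the condition the advisory describes.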
