Core.ai Phoenix Code Dynamic Library Injection Vulnerability Allowing TCC Bypass on macOS

A vulnerability exists in Core.ai's Phoenix Code application on macOS, all versions through 4.0.3. The issue arises from certain entitlements that permit Dynamic Library (Dylib) injection. A local attacker with unprivileged access can exploit this by using environment variables such as DYLD_INSERT_LIBRARIES to inject code into the application's context, thereby bypassing Transparency, Consent, and Control (TCC) mechanisms. While the injected code can access resources within the scope of previously granted user permissions, any attempt to access additional resources requires user interaction to approve the permission request.

Impact

Exploitation of this vulnerability allows for unauthorized code injection into the application's context, bypassing macOS's TCC framework, which regulates app access to sensitive user data and system resources. The injected code can only access resources for which the user has already granted permission, but accessing other resources requires user consent through a system prompt.

Remediation

This vulnerability has been fixed in Phoenix Code version 4.0.4. However, Postbox, which is also affected by this vulnerability, will not receive any updates as the original company is no longer operational and the acquiring company did not cooperate in vulnerability disclosure.