CodexBar Insecure Temporary File Handling Vulnerability in Notarization Workflow

Vulnerability

A vulnerability exists in CodexBar versions prior to 0.32.0, related to insecure handling of temporary files during the release notarization process. This flaw allows local attackers to access sensitive credentials or manipulate build artifacts by taking advantage of predictable file paths. Attackers on the same host can read the App Store Connect API key, which is written to a fixed location, pre-create files or symbolic links to redirect writes to locations they control, or tamper with notarization archives before they are submitted.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive API keys and manipulation of notarization files, potentially allowing attackers to interfere with the application's release process.

Reproduction

To reproduce this vulnerability, use a system with a CodexBar version prior to 0.32.0 installed. During the notarization process, the application writes the API key to a predictable temporary file location. An attacker can pre-create a file or symbolic link at this location to intercept the API key or redirect notarization files to an attacker-controlled destination. Alternatively, the notarization archive can be modified before submission.

Remediation

Users can upgrade to CodexBar version 0.32.0 or later, where this vulnerability has been addressed.
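
The hardened counterpart of the pattern described above, as an added example in POSIX shell (not CodexBar's own release script): the key and the archive live under a private, randomly named directory, the key write refuses any pre-existing file or symlink, and the archive digest is re-checked before submission. The directory layout, file names and helper names are assumptions.

```shell
#!/bin/sh
# Added example, not CodexBar's code: handle the App Store Connect API key and
# the notarization archive under a private directory instead of fixed /tmp paths.

# A fresh 0700 directory with a random name: nothing can be pre-created inside it.
make_private_workdir() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/notarize.XXXXXXXX") || return 1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    printf '%s\n' "$dir"
}

# Write the key from stdin to a path that must not exist yet.  'set -C'
# (noclobber) makes '>' open with O_EXCL, so a pre-created file or symlink at
# the path is an error rather than a redirect of the write.
write_api_key() {
    key_path=$1
    ( umask 077; set -C; cat > "$key_path" ) || return 1
    # Post-conditions: a regular file, not a link, readable only by the owner.
    [ -f "$key_path" ] && [ ! -L "$key_path" ] || return 1
    [ -n "$(find "$key_path" -perm 600)" ] || return 1
}

# Portable SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    digest=$({ sha256sum "$1" 2>/dev/null || shasum -a 256 "$1"; } | cut -d' ' -f1)
    [ -n "$digest" ] && printf '%s\n' "$digest"
}

# Before submitting, confirm the archive still matches the digest recorded when
# it was built, so a modification in between is caught instead of notarized.
archive_unchanged() {
    [ "$(sha256_of "$1")" = "$2" ]
}
```

A release script would call make_private_workdir once, write the key and build the archive inside that directory, and gate the submit step on archive_unchanged.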

Added: Jun 1, 2026, 9:25 PM
Updated: Jun 1, 2026, 9:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 4.0
remediation: 0.0
relevance: 9.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.