Elevating Privileges on macOS by Audit Token Spoofing

Watch a detailed security conference talk exploring how XPC technology in Apple's operating systems can be exploited through audit token spoofing. Dive into the mechanics of XPC implementation over mach messages and discover how multiple-sender scenarios can potentially bypass authorization checks. Learn about a specific vulnerability (CVE-2023-32405) in macOS's smd service that enables privilege escalation through this technique. Presented by Thijs Alkemade, a two-time Pwn2Own winner and security researcher at Computest, who brings deep expertise in mathematics, computer science, and operating system security to explain complex security concepts in accessible terms.