Cyber Resilience

CVE-2023-50643

Critical · Public PoC

Published: 09 January 2024
Modified: 03 June 2025
KEV Added:
Patch:
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.2693 (96.5th percentile)
Risk Priority: 36 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-50643 is a critical-severity vulnerability of unspecified weakness type (no CWE assigned) in Evernote, by the vendor Evernote. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 3.5% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2023-50643 is a remote code execution vulnerability in Evernote for macOS version 10.68.2 that stems from exposure of the RunAsNode and enableNodeCliInspectArguments components. The flaw carries a CVSS 3.1 base score of 9.8 and affects an Electron-based application, allowing unauthenticated network attackers to supply malicious arguments that result in arbitrary code execution on the host.

An attacker with no credentials or user interaction can send crafted inputs over the network to trigger the vulnerable components, achieving full control over the affected system including the ability to read, modify, or delete data and execute further payloads.

Public references include the vendor site, a proof-of-concept repository, and Electron's advisory on RunAsNode-related issues; these point practitioners to vendor updates and Electron hardening guidance for remediation. The associated EPSS score has reached 0.2693; no low-to-high trajectory after disclosure is documented.

EU & UK References

Vulnerability details

An issue in Evernote Evernote for macOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeCliInspectArguments components.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: evernote
Product: evernote
Version: 10.68.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References