CVE-2024-23740
Published: 28 January 2024
Summary
CVE-2024-23740 is a critical-severity an unspecified weakness vulnerability in Getkap Kap. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 3.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Kap for macOS versions 3.6.0 and earlier contains a remote code execution vulnerability that arises from exposure of the RunAsNode and enableNodeCliInspectArguments Electron settings. The flaw carries a CVSS 3.1 base score of 9.8 and is tracked under NVD-CWE-noinfo.
Remote, unauthenticated attackers can supply crafted inputs over the network to leverage these settings and execute arbitrary code on the affected system, resulting in complete compromise of confidentiality, integrity, and availability without user interaction.
Public references include the Electron project statement on RunAsNode-related CVEs and a GitHub repository that reproduces the issue, indicating that application developers should disable or properly sandbox these flags in packaged Electron binaries.
The associated EPSS score is currently 0.2325 with an identical recorded peak and shows no material upward trajectory after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-21196
Vulnerability details
An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability in Electron-based Kap macOS app enables remote arbitrary code execution via RunAsNode and enableNodeCliInspectArguments settings, facilitating exploitation for client execution (T1203) and proxy execution via Electron applications (T1218.015).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.