[15:51 Mon,3.March 2025 by Thomas Richter] |
Blackmagic&s free grading, editing, compositing, and audio mastering program DaVinci Resolve (Studio) has a serious security vulnerability on macOS in all versions prior to 19.1.3. DaVinci Resolve installs on macOS with incorrect file permissions, which do not follow macOS&s standard security practices that dictate all applications should have more restrictive permissions.
;) The specific security risk due to the overly permissive permissions is called Dylib Hijacking, where an attacker could inject a dynamic library (Dylib) with malicious functionality into an unsecured application. This could allow attackers to take control of the system and escalate privileges, i.e., they could gain extended rights and access to the system. The problem affects versions of DaVinci Resolve prior to  current version 19.1.3. All users of the Mac version of DaVinci Resolve should check if they have the current version installed to ensure that the correct file permissions are set and the security vulnerability is closed. The update to version 19.1.3, besides fixing the security problem, also brings further features, such as support for the newly announced 65mm cameras ARRI Alexa 265 and improvements to overall stability and performance. Also included are a number of bug fixes, for example, for problems deleting cache memory, previewing Fusion templates, and synchronizing AAF clips.  more infos at bei nvd.nist.govdeutsche Version dieser Seite: Blackmagic DaVinci Resolve hat(te) eine Sicherheitslücke unter MacOS |
 |
|
|