VDB
GCVE-110-CERTCC-2023-757109
GCVE-110-CERTCC-2023-757109
Advisory Published
### Overview
Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems.
### Description
Every five hours the Videostream LaunchDaemon runs with root privileges to check for updates. During the download, it's possible to replace the update file as any user with a crafted tar archive. The LaunchDaemon process will extract the archive and replace any requested file on the system.
### Impact
An attacker with low privilege access can overwrite arbitrary files on the affected system. This can be leveraged to escalate privileges to control the root account.
### Solution
The CERT/CC is currently unaware of a practical solution to this problem.
### Acknowledgements
Thank you to Dan Revah for reporting this issue.
This document was written by Kevin Stephens.
Aliases
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.