CVE-2024-41159
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote’s access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application’s permissions.
The versions below were either tested or verified to be vulnerable by Talos or confirmed to be vulnerable by the vendor.
Microsoft OneNote 16.83 for macOS
OneNote - https://www.microsoft.com/en-us/microsoft-365/onenote
7.1 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE-347 - Improper Verification of Cryptographic Signature
Microsoft OneNote is a digital note-taking app within the Microsoft Office suite, enabling users to create, organize, and share various types of notes and media across devices. It offers a flexible layout and is well-integrated with Office and cloud services for easy access and collaboration.
Microsoft OneNote loads multiple libraries through relative path:
$ otool -L "/Applications/Microsoft OneNote.app/Contents/MacOS/Microsoft OneNote"
/Applications/Microsoft OneNote.app/Contents/MacOS/Microsoft OneNote:
@rpath/CocoaUI.framework/Versions/A/CocoaUI (compatibility version 0.0.0, current version 0.0.0)
@rpath/COMBase.framework/Versions/A/COMBase (compatibility version 0.0.0, current version 0.0.0)
@rpath/MicrosoftCredui.framework/Versions/A/MicrosoftCredui (compatibility version 0.0.0, current version 0.0.0)
[...]
/System/Library/Frameworks/PDFKit.framework/Versions/A/PDFKit (compatibility version 1.0.0, current version 1266.2.7)
/System/Library/Frameworks/QuickLookUI.framework/Versions/A/QuickLookUI (compatibility version 1.0.0, current version 0.0.0)
/usr/lib/swift/libswiftCore.dylib (compatibility version 1.0.0, current version 5.9.2)
In this case the location is relative to the main executable /Applications/Microsoft OneNote.app/Contents/MacOS/Microsoft OneNote. Furthermore, OneNote has a big number of entitlements that allow the program to offer its various functionalities:
$ codesign -dv --entitlements - "/Applications/Microsoft OneNote.app"
Executable=/Applications/Microsoft OneNote.app/Contents/MacOS/Microsoft OneNote
Identifier=com.microsoft.onenote.mac
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=212485 flags=0x10000(runtime) hashes=6629+7 location=embedded
Signature size=9012
Timestamp=12 Mar 2024 at 03:32:16
Info.plist entries=53
TeamIdentifier=UBF8T346G9
Runtime Version=14.2.0
Sealed Resources version=2 rules=13 files=6290
Internal requirements count=1 size=188
[Dict]
[Key] com.apple.application-identifier
[Value]
[String] UBF8T346G9.com.microsoft.onenote.mac
[Key] com.apple.developer.team-identifier
[Value]
[String] UBF8T346G9
[Key] com.apple.security.app-sandbox
[Value]
[Bool] true
[Key] com.apple.security.application-groups
[Value]
[Array]
[String] UBF8T346G9.Office
[String] UBF8T346G9.ms
[String] UBF8T346G9.com.microsoft.oneauth
[Key] com.apple.security.automation.apple-events
[Value]
[Bool] true
[Key] com.apple.security.cs.disable-library-validation
[Value]
[Bool] true
[Key] com.apple.security.device.audio-input
[Value]
[Bool] true
[Key] com.apple.security.files.bookmarks.app-scope
[Value]
[Bool] true
[Key] com.apple.security.files.user-selected.read-only
[Value]
[Bool] true
[Key] com.apple.security.files.user-selected.read-write
[Value]
[Bool] true
[Key] com.apple.security.network.client
[Value]
[Bool] true
[Key] com.apple.security.personal-information.addressbook
[Value]
[Bool] true
[Key] com.apple.security.print
[Value]
[Bool] true
[Key] com.apple.security.scripting-targets
[Value]
[Dict]
[Key] com.apple.mail
[Value]
[Array]
[String] com.apple.mail.compose
[Key] com.apple.security.temporary-exception.apple-events
[Value]
[Array]
[String] com.microsoft.outlook
[Key] com.apple.security.temporary-exception.files.absolute-path.read-only
[Value]
[Array]
[String] /Library/Preferences/com.microsoft.office.licensingV2.plist
[String] /Library/Preferences/com.microsoft.autoupdate.plist
[Key] com.apple.security.temporary-exception.mach-lookup.global-name
[Value]
[Array]
[String] com.microsoft.office.licensingV2.helper.port
[String] com.microsoft.autoupdate.helper.preferences
[Key] com.apple.security.temporary-exception.shared-preference.read-write
[Value]
[Array]
[String] com.microsoft.autoupdate2
[String] com.microsoft.office
[String] com.microsoft.shared
[Key] keychain-access-groups
[Value]
[Array]
[String] UBF8T346G9.com.microsoft.identity.universalstorage
The program is compiled using the Hardened Runtime, a security feature which aims, among other things, to prevent dynamically linked library hijacking.
However, the program includes this specific entitlement:
[Key] com.apple.security.cs.disable-library-validation
[Value]
[Bool] true
With this entitlement enabled, the program’s defense against library hijacking is effectively nullified, as it allows the loading of unsigned dynamic libraries. This is an issue because an unprivileged local attacker could leverage OneNote’s permissions without proper authorization.
Indeed, an attacker could copy the application into a controllable location and perform a library injection to use the entitlements of the application. So, an attacker could potentially record audio, send emails through Microsoft Outlook, exfiltrate data, and more.
In scenarios where the attacker leverages permissions already granted to OneNote, or when Apple Events are sent to the other Microsoft apps under the scope of the com.apple.security.temporary-exception.apple-events entitlement, the system will not display a pop-up permission prompt, executing actions straightaway.
However, in cases where the required permission hasn’t yet been granted, the Microsoft OneNote app will initiate the request. This could lead users to potentially grant the permission based on their trust in the Microsoft app.
Because of the use of the com.apple.security.cs.disable-library-validation entitlement set to true, a malicious application could perform a library injection in Microsoft OneNote without any special permission.
Microsoft fixed this issue in Version 16.86 (24060916)
2024-04-16 - Vendor Disclosure
2024-06-11 - Vendor Patch Release
2024-08-19 - Public Release
Discovered by Francesco Benvenuto of Cisco Talos.