Exploit in macOS App Management subsystem allowing modification of signed applications was reported to Apple 10 months ago, but is still not resolved. Apple did fix other exploits though.

Johnson says the overwriting of the file completely bypasses App Management in macOS 13.5.1. “The straightforwardness and ease of the bypass is truly stunning.”


No comments from Apple are currently available.

Jeff Johnson: macOS 0day: App Management

Reference: macOS Ventura App Management exploit revealed 10 months after discovery



Beware of existing exploit. Consider adding additional appropriate security checks, if needed.

QA engineer:

Business as usual.


Business as usual.

Leave a comment