Critical ExifTool flaw lets malicious images run code on macOS

A newly disclosed ExifTool vulnerability can let a malicious image trigger command execution on macOS during metadata processing. The flaw affects ExifTool 13.49 and earlier on macOS, and researchers say attackers can abuse the DateTimeOriginal metadata field to inject commands when the tool runs in a specific mode. Kaspersky’s GReAT team reported the issue, and […] The post Critical ExifTool flaw lets malicious images run code on macOS appeared first on VPN Central.