12 March 2024 Show Notes 249 - libXPC to Root and Digital Lockpicking 00:00:21 Progress OpenEdge Authentication Bypass Deep-Dive [CVE-2024-1403] 00:05:19 xpcroleaccountd Root Privilege Escalation [CVE-2023-42942] 00:10:50 Bypassing the “run-as” debuggability check on Android via newline injection 00:18:09 Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 2: discovered vulnerabilities) Additional Links: https://alephsecurity.com/2024/02/20/kontrol-lux-lock-1/ 00:43:06 Using form hijacking to bypass CSP