Original Post: macOS Finder RCE
This vulnerability was analyzed during Episode 85 on 27 September 2021
A malicious inetloc file can be used to execute arbitrary applications that already exist on the system. Normally, inetloc files are shortcuts to an internet location, so macOS handles them by opening the requested URL. The problem is that the file:// protocol is supported, so opening the shortcut opens the targeted local file, which can be an application.
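A defensive check for the behaviour described above, as an added example that is not part of the original post: it parses an inetloc file as a property list, reads its `URL` key, and flags any scheme other than http/https. The function names, the allowlist policy and the sample files are assumptions constructed for illustration.

```python
import plistlib
from urllib.parse import urlsplit

# Assumed policy: an internet-location shortcut should only point at the web.
ALLOWED_SCHEMES = {"http", "https"}

# Constructed sample layout: an XML property list with a single URL key.
SAMPLE_TEMPLATE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict><key>URL</key><string>%s</string></dict></plist>"""


def make_sample(url: bytes) -> bytes:
    """Build a constructed inetloc body for testing (hypothetical helper)."""
    return SAMPLE_TEMPLATE % url


def inspect_inetloc(data: bytes) -> dict:
    """Classify raw inetloc bytes as 'ok', 'suspicious' or 'malformed'."""
    malformed = {"verdict": "malformed", "url": None, "scheme": None}
    try:
        plist = plistlib.loads(data)  # accepts XML and binary plists
    except Exception:  # parser errors vary by format; treat all as malformed
        return malformed
    url = plist.get("URL") if isinstance(plist, dict) else None
    if not isinstance(url, str):
        return malformed
    # urlsplit lowercases the scheme, so FILE:// and FiLe:// compare as "file".
    scheme = urlsplit(url.strip()).scheme
    verdict = "ok" if scheme in ALLOWED_SCHEMES else "suspicious"
    return {"verdict": verdict, "url": url, "scheme": scheme}


if __name__ == "__main__":
    samples = [
        make_sample(b"https://example.com/"),
        make_sample(b"file:///Applications/Example.app"),  # placeholder path
        make_sample(b"FiLe:///Applications/Example.app"),  # mixed-case scheme
        b"not a plist",
    ]
    for body in samples:
        print(inspect_inetloc(body))
```

Normalising the scheme before comparison matters here, because a filter that matches the literal string `file://` would miss case variants of the same scheme.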