CVE-2024-42219 for 1Password 8 for Mac
This issue was responsibly disclosed to us by Robinhood’s Red Team after they chose to conduct an independent security assessment of 1Password for Mac. An attacker is able to misuse missing macOS-specific inter-process validations to hijack or impersonate a trusted 1Password integration such as the 1Password browser extension or CLI. This would permit the malicious software to exfiltrate vault items, as well as obtain derived values used to sign in to 1Password, specifically the account unlock key and “SRP-𝑥”.