Apple Xcode < 8.1 Node.js Multiple RCE (macOS)
Critical Nessus Plugin ID 94935
SynopsisAn IDE application installed on the remote macOS or Mac OS X host is affected by multiple remote code execution vulnerabilities.
DescriptionThe version of Apple Xcode installed on the remote macOS or Mac OS X host is prior to 8.1. It is, therefore, affected by multiple remote code execution vulnerabilities in the Node.js component of the Xcode Server. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code.
SolutionUpgrade to Apple Xcode version 8.1 or later.