Skip to content

Pwnies

recognize both excellence and incompetence in the field of information security

  • news
  • About
  • noms
  • winners
  • previous
  • team

The 2020 Pwnie Nominee For Best Privilege Escalation Bug

Exploiting the “noowners” Flag – APFS Privilege Escalation

Csaba Fitzl

A user may gain access to protected parts of the file system through APFS snapshot as read-only, with “noowners” flag.

About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, CVE-2020-9771

calendar

Apr 19
Nominations open
Jul 12
Nominees announced, Summercon 2025, Brooklyn, NY
Aug TBD
Awards Ceremony, TBD, DEF CON 33, Las Vegas Convention Center, Las Vegas, NV

awards ceremony

Date
August TBD
Time
TBD
Where
DEF CON 33, Las Vegas Convention Center, Las Vegas, NV

follow us

  • twitter
  • atom feed

Archives

  • Nominations and Winners Archive
Copyright © 2007-2025 Pwnie Awards LLC. Designed by ikonoklasm.