As per the advisory by CERT-In, “This vulnerability could be exploited by an attacker to gain access to arbitrary files on the target system.”
“An attacker could exploit this vulnerability by enticing a user to use malicious application.
Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the target system while running an application that uses on-demand resources with Xcode,” it added.
Apple has acknowledged the issue and addressed it in Xcode 12.4, released for macOS Catalina 10.15.4 and later. Users are advised to install it. Xcode 12.4 addresses a path handling issue with improved validation.
Apple also confirmed the impact of this vulnerability on its support page and said, “A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.”
Apple recently rolled out a new software update for Mac users that brings macOS Big Sur to v11.2. The update comes a month after the release of macOS Big Sur 11.1. As per the company’s release notes, macOS Big Sur 11.2 comes with several bug fixes.