Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Crash One - A Starbucks Story - CVE-2025-24277 Exploit Development

Objective-See Foundation via YouTube

Start learning Write review
Simplilearn Ad

Build GenAI Apps from Scratch — UCSB PaCE Certificate Program

Learn More Coursera Ad

Learn AI, Data Science & Business — Earn Certificates That Get You Hired

Learn More

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Discover the complete exploit development journey for CVE-2025-24277, a critical vulnerability in macOS's osanalyticshelper that enables local privilege escalation and sandbox escape. Follow security researchers Gergely Kalman and Csaba Fitzl as they detail their collaborative research process that began during a casual Starbucks meeting, where they identified what initially seemed like an unexploitable vulnerability. Learn the systematic approach to overcoming multiple technical obstacles including sandbox extensions, XPC calls, reverse XPC calls, ACL inheritance, and file system race conditions. Gain insights into advanced macOS security research methodologies, exploit development techniques, and the persistence required to transform a theoretical vulnerability into a working proof-of-concept that demonstrates both privilege escalation and sandbox escape capabilities.

Syllabus

#OBTS v8.0: “Crash One - A StarBucks Story (CVE-2025-24277)” - Gergely Kalman & Csaba Fitzl

Taught by

Objective-See Foundation

Reviews

Start your review of Crash One - A Starbucks Story - CVE-2025-24277 Exploit Development

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.