Critical ExifTool Flaw Compromises Macs via Mal Vulnerability Allows


David kimber
May 20, 2026 3 Min Read

A critical security flaw has been identified, directly impacting macOS environments. This vulnerability involves ExifTool, a widely used open-source utility for reading and writing file metadata.

Discovered by Kaspersky’s Global Research and Analysis Team (GReAT) in February 2026, CVE-2026-3102 allows threat actors to execute arbitrary shell commands by concealing malicious instructions within an image file’s metadata.

By weaponizing a seemingly benign photo, attackers can silently deploy Trojans, exfiltrate data, or establish a foothold for lateral movement across corporate networks.

ExifTool Vulnerability

The vulnerability stems from inconsistent input sanitization that allows tainted data to reach a dangerous execution sink.

During their analysis, researchers identified a flaw in the SetMacOSTags function. When ExifTool processes file creation dates on macOS, it utilizes the Spotlight system attribute MDItemFSCreationDate, which maps to the internal alias FileCreateDate.

When metadata is processed, the current tag’s text content is assigned to the $val variable. If the tag matches the file creation date attributes, this data flows directly into the SetMacOSTags function.

While the filename parameter is properly escaped before hitting the system() sink, the date value ($val) is left completely unsanitized.

This allows an attacker to inject single quotes, breaking the command structure and executing arbitrary shell commands with the privileges of the user running ExifTool.

Payload Delivery Using ExifTool Vulnerability

Directly writing a malformed date payload into FileCreateDate fails because ExifTool’s built-in PrintConvInv filter detects and rejects invalid date/time formatting.

To bypass this, attackers must leverage the -n flag, which forces ExifTool to accept raw, unformatted machine-readable data, skipping the sanitization step entirely.

The exploitation sequence relies on ExifTool’s copy mechanisms:

  • Park the Payload: The attacker injects a malicious payload containing single quotes into an unrestrained source tag, such as DateTimeOriginal, using the -n flag.
  • Trigger the Execution: The attacker uses the -tagsFromFile feature to copy the tainted metadata from the source tag into FileCreateDate.

Because the vulnerable code path triggers only during a copy operation, not a direct write, this sequence forces the unsanitized input into the system() sink.

ExifTool invokes the macOS /usr/bin/setfile command, and the injected single quotes allow the payload to execute seamlessly via command substitution.

Following the disclosure, developers addressed the flaw in ExifTool version 13.50. The vulnerable 13.49 version relied on fragile string concatenation to build system commands.

The patch fundamentally alters this architecture by abstracting the system call into a dedicated System() wrapper.

Instead of executing a concatenated string, the application now passes a secure list of arguments to the system call. This transition from string-form to list-form execution completely eliminates shell interpretation risks and removes the need for manual escaping routines.
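The difference between string-form and list-form execution, as an added example that is not ExifTool's code: ExifTool is written in Perl, and Python's shlex and subprocess stand in here for the shell's word splitting and for list-form system(). The command shape, the -d option and the sample values are assumptions made for illustration, and setfile itself is never run.

```python
import json
import shlex
import subprocess
import sys

SETFILE = "/usr/bin/setfile"  # tool named in the article; never executed here

def string_form(date_val: str, filename: str) -> str:
    # Assumed shape of the pre-patch pattern: the filename is escaped,
    # the date is only wrapped in single quotes.
    return f"{SETFILE} -d '{date_val}' {shlex.quote(filename)}"

def shell_words(command: str) -> list:
    # Split into words the way a POSIX shell would, without running anything.
    return shlex.split(command)

def list_form(date_val: str, filename: str) -> list:
    # Post-patch idea: one list element per argument, no shell involved.
    return [SETFILE, "-d", date_val, filename]

def argv_seen_by_child(args: list) -> list:
    # Hand the list to a harmless stand-in child (this Python interpreter)
    # and return the argument vector it actually received.
    probe = "import json, sys; print(json.dumps(sys.argv[1:]))"
    done = subprocess.run([sys.executable, "-c", probe, *args],
                          capture_output=True, text=True, check=True)
    return json.loads(done.stdout)

CLEAN = "2026:01:01 00:00:00"
TAINTED = "2026:01:01 00:00:00' EXTRA-WORD '"  # constructed value with stray quotes
PHOTO = "my photo.jpg"                          # constructed filename

if __name__ == "__main__":
    for val in (CLEAN, TAINTED):
        print("string form:", shell_words(string_form(val, PHOTO)))
        print("list form:  ", argv_seen_by_child(list_form(val, PHOTO)))
```

In string form the stray quotes turn one date argument into three shell words; in list form the child receives the value byte for byte as a single argument.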

Mitigations

Organizations utilizing macOS for photo processing, asset management, or journalism workflows should implement the following defenses:

  • Audit and upgrade all bulk image processing scripts and asset management applications to use ExifTool version 13.50 or later.
  • Scan macOS environments for third-party software that may contain older, embedded iterations of the ExifTool library.
  • Isolate the processing of untrusted files within dedicated virtual environments that feature strictly limited storage and network access.
  • Enforce strict BYOD policies requiring active macOS endpoint protection before devices can access corporate networks.
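One way to carry out the first two items, added here and not taken from the article or the ExifTool project: walk a directory tree, find bundled copies of the library, and flag any below 13.50. It assumes a bundled copy keeps the library at Image/ExifTool.pm with a `$VERSION = '13.49';` style line; the sample tree and app names are constructed.

```python
import os
import re
from pathlib import Path

FIXED = (13, 50)  # first fixed release according to the article
# Assumption: the library declares its version as  $VERSION = '13.49';
VERSION_RE = re.compile(r"""\$VERSION\s*=\s*['"]?(\d+)\.(\d+)""")

def exiftool_version(pm_path):
    """Return (major, minor) read from an ExifTool.pm file, or None if unreadable."""
    try:
        with open(pm_path, errors="replace") as fh:
            for line in fh:
                match = VERSION_RE.search(line)
                if match:
                    return (int(match.group(1)), int(match.group(2)))
    except OSError:
        pass
    return None

def find_outdated(root):
    """List (path, version) for every Image/ExifTool.pm below FIXED.

    Copies whose version cannot be read are reported with version None
    so they get a manual look instead of being silently skipped.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):  # does not follow symlinks
        if "ExifTool.pm" in files and Path(dirpath).name == "Image":
            pm = Path(dirpath) / "ExifTool.pm"
            version = exiftool_version(pm)
            if version is None or version < FIXED:
                hits.append((str(pm), version))
    return sorted(hits)

def build_sample_tree(root):
    """Constructed test data: two fake app bundles with embedded copies."""
    for app, ver in (("OldApp.app", "13.49"), ("NewApp.app", "13.50")):
        lib = Path(root) / app / "Contents" / "Resources" / "lib" / "Image"
        lib.mkdir(parents=True)
        (lib / "ExifTool.pm").write_text(f"package Image::ExifTool;\n$VERSION = '{ver}';\n")

if __name__ == "__main__":
    import sys
    for path, version in find_outdated(sys.argv[1] if len(sys.argv) > 1 else "/Applications"):
        print(path, version)
```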
