The exploit was demonstrated in a video posted to YouTube.
"In this video, I'll show you a 0day exploit that allows me to extract all your (local) keychain passwords on macOS Mojave (and lower versions). Without root or administrator privileges and without password prompts of course."
Henze notes that this is not the first time this type of exploit has been found.
"You might remember KeychainStealer from @patrickwardle, released in 2017 for macOS High Sierra, which can also steal all your keychain passwords. While the vulnerability he used is already patched, the one I found still works, even in macOS Mojave."
The hacker hopes his video will force Apple to launch a bug bounty program for macOS.
"I won't release this. The reason is simple: Apple still has no bug bounty program (for macOS), so blame them. ... Maybe this forces Apple to open a bug bounty program at some time."