CVE-2026-3102 · A vulnerability was determined in exiftool up to 13.49 on macOS.

01 · The Real Story

This is a booby-trapped shipping label that only explodes on one loading dock using one scanner mode

CVE-2026-3102 is a command-injection bug in ExifTool on macOS affecting versions up to and including 13.49, fixed in 13.50. Per the CVE/NVD record, the vulnerable path is SetMacOSTags in lib/Image/ExifTool/MacOS.pm, and the trigger is a crafted image whose metadata abuses DateTimeOriginal; Kaspersky's technical write-up adds the key real-world condition: exploitation requires the image to be processed on macOS with ExifTool's -n / --printConv mode enabled.

The vendor's MEDIUM 6.3 is directionally right, and if anything slightly generous for a broad enterprise estate. The technical impact is arbitrary command execution in the context of the ExifTool process, but the reachable population is sharply narrowed by three gates: macOS only, ExifTool 13.49 or earlier, and a workflow that actually processes attacker-controlled images with -n enabled. That keeps this out of emergency territory for most 10,000-host environments, but it stays above LOW because media, forensics, publishing, and DAM pipelines do exist and can automate exactly this kind of parsing.

"Real RCE, but only in a narrow lane: macOS ExifTool workflows that process hostile images with -n enabled."

02 · The Attack Path

4 steps from start to impact.

STEP 01

Stage a malicious image

The attacker prepares a PNG or other image-handling workflow input with a malformed DateTimeOriginal field carrying shell metacharacters. Public disclosure exists through the CVE/CNA record and referenced media, so an attacker does not need to discover the bug from scratch.

Conditions required:

Attacker can deliver an image into a target workflow
Target accepts or ingests untrusted image content

Where this breaks in practice:

This is not a socket-level exploit; the attacker needs a file-processing path
Many enterprises never let internet users feed images into Mac-based ExifTool workflows

Detection/coverage: Traditional network scanners won't see this. Content inspection may catch obviously malformed metadata, but coverage is inconsistent.

STEP 02

Hit a vulnerable execution path

The image must be parsed by ExifTool 13.49 or earlier on macOS. Kaspersky's analysis says the dangerous path is only reachable when ExifTool runs with -n / --printConv, which is common in machine-readable automation but not universal in ad hoc desktop use.

Conditions required:

Host is running macOS
ExifTool version is 13.49 or older
Workflow invokes ExifTool with -n or --printConv

Where this breaks in practice:

Windows and Linux are out for this CVE
Many desktop users and some wrappers never use -n
Affected population is usually limited to niche image-processing, DAM, or forensic workflows

Detection/coverage: Version scanners can identify ExifTool <=13.49. Detecting -n usage requires process telemetry, script review, wrapper inspection, or launchd/job audit.

STEP 03

Trigger shell command injection in SetMacOSTags

When the crafted metadata is handled by the vulnerable macOS-specific code path, shell commands embedded in metadata are executed by the host. The practical outcome is code execution with the privileges of the account running ExifTool or the calling application.

Conditions required:

Vulnerable code path is reached during metadata handling
The calling process is permitted to spawn commands in user context

Where this breaks in practice:

Sandboxed applications, hardened wrapper logic, or nonstandard execution environments may blunt payload usefulness
Payload still runs as the invoking user, not magically as root

Detection/coverage: EDR should have the best shot here: child-process creation from exiftool, shell invocation from image-processing apps, and suspicious outbound retrieval after image ingest.

STEP 04

Post-exploitation follow-on

A realistic attacker uses the command injection to drop a lightweight loader, run discovery, or pull a second-stage payload from a remote server. The blast radius is therefore whatever that specific Mac workstation or pipeline host can already reach.

Conditions required:

Target user or service account has meaningful local data or network access
Outbound network egress is available for staging or retrieval

Where this breaks in practice:

Least-privilege service accounts and egress controls reduce damage sharply
Many processing hosts are operationally narrow and not great pivot boxes

Detection/coverage: Look for process ancestry from exiftool, shell execution, curl/wget/python one-liners, and unusual outbound connections immediately after image processing.

03 · Intelligence Metadata

The supporting signals.

In-the-wild status	No evidence found of broad in-the-wild exploitation. CISA KEV: not listed.
Public exploit / PoC	The CVE/CNA record says public disclosure exists and references a YouTube demonstration; I did not verify a maintained public GitHub exploit repo.
EPSS	0.00073 from the provided intel, which is very low and consistent with a narrow, workflow-dependent exploit path.
KEV status	Not in CISA KEV as of the catalog source referenced below; no KEV due date applies.
CVSS vector	Vendor/CNA: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L` = 6.3 MEDIUM. NVD enrichment is 8.8 HIGH because it models higher impact, but that score does not capture the real deployment narrowing caused by macOS-only + `-n` requirement.
Affected versions	Authoritative records say ExifTool on macOS through 13.49 is affected; 13.50 is the first fixed release.
Fixed version	13.50. ExifTool history marks February 7, 2026 as the MacOS-only security update release.
Exposure / scanning reality	This is not an internet-facing service; ExifTool is a CLI/library embedded in local apps and automation. Shodan/Censys-style exposed-host counts are therefore not a meaningful denominator for risk here.
Disclosure date	2026-02-24 in the CVE/NVD record.
Reporter / researcher	The CVE credits `owl4444` (VulDB User) as reporter, while Kaspersky GReAT published the clearest technical explanation of exploit preconditions.

04 · The Call

noisgate verdict.

Final Verdict

= UNCHANGED to MEDIUM (5.0/10)

The decisive factor is population narrowing: this only matters on macOS hosts actually running ExifTool 13.49 or older in -n/--printConv mode against attacker-controlled images. That is real code execution, but it is nowhere near a whole-estate emergency because the reachable host set is usually a specialized processing tier, not your average employee endpoint.

HIGH Affected/fixed version boundary and macOS-only scope

MEDIUM Exploit preconditions involving `-n` / `--printConv` usage

MEDIUM Enterprise population exposure estimate

Why this verdict

Downward pressure: macOS only — this instantly removes Windows and Linux fleets from scope, which matters a lot in mixed enterprise estates.
Downward pressure: vulnerable workflow requirement — the attacker needs a host that *processes untrusted images* with ExifTool, not just a host that happens to have the package installed.
Downward pressure: -n / --printConv gate — Kaspersky's write-up says the exploit only lands when machine-readable output mode is enabled, which is common in some automation but far from universal.
Upward pressure: code execution is still code execution — once the narrow path is hit, the outcome is shell command execution in the ExifTool process context, not a harmless parser crash.
Downward pressure: no active exploitation signal — no KEV listing and a very low EPSS argue against treating this as a fire drill across 10,000 hosts.

Why not higher?

This is not broadly reachable infrastructure risk. The attacker must line up a specialized chain: deliver a malicious image, hit a Mac, hit ExifTool <=13.49, and hit a workflow that uses -n or --printConv. Those compounding prerequisites slash the exposed population compared with a true unauthenticated remote service RCE.

Why not lower?

It stays above LOW because the bug can execute arbitrary commands, not just leak metadata or crash a process. In organizations with digital asset management, photo ingestion, investigative media handling, or macOS-based automation, the exploit path is plausible enough that you should inventory and patch it rather than dismiss it as theoretical.

05 · Compensating Control

What to do — in priority order.

Isolate untrusted image processing — Run external or partner-supplied images through a dedicated low-privilege Mac worker or disposable VM so a hit lands in a small blast radius. For a MEDIUM verdict there is no mitigation SLA, but this is the best temporary control if patching lags.
Strip -n from wrappers where not required — Review launchd jobs, shell scripts, DAM connectors, and app wrappers that call exiftool; if machine-readable numeric output is not essential, remove -n / --printConv from those invocations. For MEDIUM, there is no mitigation SLA; use this as a targeted risk reduction for exposed workflows.
Constrain the runtime account — Make sure the service or user account invoking ExifTool has minimal local privileges and tightly limited network reach. That won't fix the bug, but it cuts post-exploitation payoff while you work through the 365-day remediation window.
Alert on child processes from ExifTool — Tune EDR to flag exiftool spawning shells, interpreters, or download utilities such as sh, bash, zsh, osascript, curl, or python. There is no mitigation SLA for MEDIUM, but this is high-value detective coverage immediately.

What doesn't work

A perimeter WAF doesn't help because this is not a web-request parser bug unless your own application turns uploads into a vulnerable ExifTool workflow behind the scenes.
Simple version inventory alone doesn't tell you real exposure; hosts with ExifTool installed but never used on attacker-controlled images are lower risk than active ingestion pipelines.
Assuming macOS Gatekeeper/quarantine saves you is weak here, because the trigger is processing a malicious image in a trusted local workflow, not launching an obviously unsigned app bundle.

06 · Verification

Crowdsourced verification payload.

Run this on the target macOS host or your Mac image-processing worker, not from an auditor workstation. Invoke it as bash check_cve_2026_3102.sh /usr/local/bin/exiftool or simply bash check_cve_2026_3102.sh; no root is required for version checking, but sudo helps if you want the optional wrapper scan under /Library and /Applications to be more complete.

noisgate-verify.sh

BASHREAD-ONLYSAFE

#!/usr/bin/env bash
# check_cve_2026_3102.sh
# Detect likely exposure to CVE-2026-3102 on macOS ExifTool hosts.
# Output: VULNERABLE / PATCHED / UNKNOWN
# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN

set -u

TARGET="${1:-}"

verlte() {
  [ "$1" = "$2" ] && return 0
  local first
  first=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)
  [ "$first" = "$1" ]
}

find_exiftool() {
  if [ -n "$TARGET" ] && [ -x "$TARGET" ]; then
    echo "$TARGET"
    return 0
  fi
  if command -v exiftool >/dev/null 2>&1; then
    command -v exiftool
    return 0
  fi
  for p in /opt/homebrew/bin/exiftool /usr/local/bin/exiftool /usr/bin/exiftool; do
    if [ -x "$p" ]; then
      echo "$p"
      return 0
    fi
  done
  return 1
}

scan_wrappers() {
  local hits=0
  local roots=(/usr/local /opt/homebrew /Library /Applications "$HOME")
  echo "[+] Optional wrapper scan for '-n' or '--printConv' references..." >&2
  for r in "${roots[@]}"; do
    [ -e "$r" ] || continue
    while IFS= read -r f; do
      echo "    reference: $f" >&2
      hits=$((hits+1))
    done < <(grep -RIlE '(^|[^A-Za-z0-9_-])(exiftool)([^A-Za-z0-9_-].*)(--printConv|-n)([^A-Za-z0-9_-]|$)|(--printConv|-n)([^A-Za-z0-9_-].*)(exiftool)' "$r" 2>/dev/null | head -n 20)
  done
  echo "[+] Wrapper references found: $hits" >&2
}

if [ "$(uname -s 2>/dev/null || true)" != "Darwin" ]; then
  echo "PATCHED"
  echo "Reason: CVE-2026-3102 is macOS-specific." >&2
  exit 0
fi

EXIFTOOL_BIN=$(find_exiftool || true)
if [ -z "$EXIFTOOL_BIN" ]; then
  echo "UNKNOWN"
  echo "Reason: exiftool binary not found in PATH or common locations." >&2
  exit 2
fi

VER_RAW=$("$EXIFTOOL_BIN" -ver 2>/dev/null || true)
VER=$(echo "$VER_RAW" | tr -dc '0-9.')
if [ -z "$VER" ]; then
  echo "UNKNOWN"
  echo "Reason: unable to determine ExifTool version from $EXIFTOOL_BIN" >&2
  exit 2
fi

echo "[+] exiftool: $EXIFTOOL_BIN" >&2
echo "[+] version : $VER" >&2

if verlte "$VER" "13.49"; then
  scan_wrappers
  echo "VULNERABLE"
  echo "Reason: macOS host with ExifTool <= 13.49. Confirm actual exploitability by checking whether workflows invoke exiftool with -n or --printConv on untrusted images." >&2
  exit 1
fi

echo "PATCHED"
echo "Reason: ExifTool version is newer than 13.49." >&2
exit 0

07 · Bottom Line

If you remember one thing.

TL;DR

Monday morning, do targeted scoping instead of estate-wide panic: inventory every macOS host, app bundle, launchd job, and automation pipeline that uses ExifTool, then identify which ones still run 13.49 or earlier and whether they invoke -n / --printConv on untrusted image inputs. Because this is MEDIUM and there is noisgate mitigation SLA: no mitigation SLA — go straight to the 365-day remediation window, but any exposed image-ingestion workflow should still get compensating controls immediately and should be upgraded to 13.50+ well before the noisgate remediation SLA of ≤365 days; if you are a media, forensics, or DAM-heavy shop, compress that to this quarter rather than treating it as pure backlog hygiene.

Sources

Peer Review

What defenders are saying.

Submit a review attribution: handle + country only

0 flags selected · stored anonymously

Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.