The first vulnerability found (CVE-201713890) allowed a malicious webpage to force the target machine to mount an arbitrary disk image. This was due to a content identifier conflict in the Safari web browser. When known filetypes are handled in the Safari browser actions are taken to handle the media automatically. Usually this results in things like a media player opening to handle a download or a PDF client opening a document. But due to the same identifier being defined in multiple locations the wrong action was taken when downloading a .smi file.
The second vulnerability (CVE-20184176) starts the execution path of the arbitrary files in the disk image downloaded by the first vulnerability. During creation of a disk image the creator is able to use the bless utility to set specific options. One of those is —openfolder which allows Finder to open an arbitrary folder upon mounting a disk image. By pointing to a bundle file instead of a folder it will be executed when the image is mounted. Being able to launch the application isn’t quite enough though because the Gatekeeper utility prevents unsigned code from actually launching until it is whitelisted.
The third vulnerability (CVE-2018-4175) allows launch of an arbitrary program from the malicious disk image without any security checks. The first step is to include a legitimate signed binary in the image, like the Terminal app. At this point the researchers tried launching a malicious script through the Terminal app but it was still blocked due to the quarantine flag being set. This is set when applications are downloaded from the internet and is cleared when the user explicitly says that the application is safe. By modifying the Info.plist for the bundle they were able to associate a new filetype with the Terminal app. When launching the newly associated filetype the quarantine flag was not checked and code execution was achieved.
This vulnerability chain highlights how a string of seemingly not serious vulnerabilities can often be strung together to achieve a compromise. The vulnerabilities were reported to Apple in February and patched in their March security update.