PoC Exploit Released for macOS Gatekeeper Bypass

The PoC exploit targets CVE-2021-1810, a vulnerability that can lead to the bypass of all three protections that Apple implemented against malicious file downloads, namely file quarantine, Gatekeeper, and notarization.

This issue was found in the Archive Utility component of macOS Big Sur and Catalina and can be exploited using a specially crafted ZIP file. Successful exploitation requires the attacker to trick the user into downloading and opening the archive in order to execute the malicious code within.
