CVE-2024-55968

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/Wi1DN00B/CVE-2024-55968
https://github.com/null-event/CVE-2024-55968

Configurations

No configuration.

History

No history.

Information

Published : 2025-01-28 22:15

Updated : 2025-03-24 17:15

NVD link : CVE-2024-55968

Mitre link : CVE-2024-55968

CVE.ORG link : CVE-2024-55968

JSON object : View

Products Affected

No product.

CWE

CWE-267

Privilege Defined With Unsafe Actions

{"id": "CVE-2024-55968", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-01-28T22:15:15.860", "references": [{"url": "https://github.com/Wi1DN00B/CVE-2024-55968", "source": "[email protected]"}, {"url": "https://github.com/null-event/CVE-2024-55968", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-267"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en DTEX DEC-M (DTEX Forwarder) 6.1.1. El servicio com.dtexsystems.helper, responsable de gestionar operaciones privilegiadas dentro del agente DTEX Event Forwarder de macOS, no implementa la validaci\u00f3n cr\u00edtica del cliente durante la comunicaci\u00f3n entre procesos (IPC) de XPC. Espec\u00edficamente, el servicio no verifica los requisitos del c\u00f3digo, los derechos, los indicadores de seguridad o la versi\u00f3n de ning\u00fan cliente que intente establecer una conexi\u00f3n. Esta falta de validaci\u00f3n l\u00f3gica adecuada permite que los actores maliciosos exploten los m\u00e9todos del servicio a trav\u00e9s de conexiones de cliente no autorizadas y escalen privilegios a la ra\u00edz al abusar del m\u00e9todo submissionQuery del protocolo DTConnectionHelperProtocol a trav\u00e9s de una conexi\u00f3n XPC no autorizada."}], "lastModified": "2025-03-24T17:15:19.730", "sourceIdentifier": "[email protected]"}