CVE-2024-55968

Feb. 18, 2025, 7:15 p.m.

None
No Score

Description

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.

Product(s) Impacted

Product Versions
DTEX DEC-M (DTEX Forwarder)
  • ['6.1.1']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-798
Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

References

https://github.com/Wi1DN00B/CVE-2024-55968
https://github.com/null-event/CVE-2024-55968

Tags

cve@mitre.org
CWE-798
2025-01-28
CVE-2024-55968

Timeline

Published: Jan. 28, 2025, 10:15 p.m.
Last Modified: Feb. 18, 2025, 7:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.