Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
macOS Universal Audio (UAConnect) <= 2.7.0 - Local Privilege Escalation
Vulnerability Description
The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to implement critical client validation during XPC inter-process communication (IPC). Specifically, the service does not verify the code requirements, entitlements, or security flags of any client attempting to establish a connection. This lack of proper validation allows unauthorized clients to exploit the service's methods and escalate privileges to root.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制缺失
Vulnerability Title
Uaudio com.uaudio.bsd.helper 安全漏洞
Vulnerability Description
Uaudio com.uaudio.bsd.helper是Uaudio公司的一款应用程序。 Uaudio com.uaudio.bsd.helper存在安全漏洞,该漏洞源于XPC进程间通信中未能实施关键的客户端验证,使得未经授权的客户端能够利用服务的方法并将权限提升至root。
CVSS Information
N/A
Vulnerability Type
N/A