CVE-2024-55968 PoC — DTEX DEC-M 安全漏洞

Source

https://github.com/null-event/CVE-2024-55968

Associated Vulnerability

Title:DTEX DEC-M 安全漏洞 (CVE-2024-55968)
Description:DTEX DEC-M是DTEX公司的一个统一的内部风险管理平台。 DTEX DEC-M 6.1.1版本存在安全漏洞，该漏洞源于缺乏适当的逻辑验证，攻击者可以通过未经授权的客户端连接利用服务的方法将权限提升到root。

Description

POC for DTEX LPE (CVE-2024-55968)

Readme

# CVE-2024-55968
POC for DTEX LPE (CVE-2024-55968)

## Description

This repo hosts a POC to a critical logic vulnerability in the DTEX Event Reporting Service. DTEX is a unified insider risk management platform.

The macOS EventReportingService was found to not properly validate incoming interprocess connections. Lack of interprocess connection validation allows a malicious actor to execute highly privileged code in the context of the service, which runs with the highest privileges on the operating system.

File Snapshot


 [4.0K]  /data/pocs/9f3c54a95d161ea0085bbe9bcf8052b540ce123f
├── [7.2K]  poc.m
└── [ 513]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!