{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9062", "assignerOrgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "state": "PUBLISHED", "assignerShortName": "Pentraze", "dateReserved": "2024-09-20T21:49:17.091Z", "datePublished": "2025-06-10T23:25:30.420Z", "dateUpdated": "2025-06-11T13:41:12.653Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "com.oct4pie.archifyhelper", "platforms": ["MacOS"], "product": "Archify", "repo": "https://github.com/Oct4Pie/archify", "vendor": "Archify", "versions": [{"lessThanOrEqual": "1.3.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Carlos Garrido of Pentraze Cybersecurity"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the \"factored applications\" model, delegating privileged operations\u2014such as arbitrary file deletion and file permission changes\u2014to this helper running as root. However, the helper does not verify the code signature, entitlements, or signing flags of the connecting client. Although macOS provides secure validation mechanisms like auditToken, these are not implemented. As a result, any local process can establish a connection to the helper and invoke privileged functionality, leading to unauthorized execution of actions with root-level privileges."}], "value": "The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the \"factored applications\" model, delegating privileged operations\u2014such as arbitrary file deletion and file permission changes\u2014to this helper running as root. However, the helper does not verify the code signature, entitlements, or signing flags of the connecting client. Although macOS provides secure validation mechanisms like auditToken, these are not implemented. As a result, any local process can establish a connection to the helper and invoke privileged functionality, leading to unauthorized execution of actions with root-level privileges."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "shortName": "Pentraze", "dateUpdated": "2025-06-10T23:25:30.420Z"}, "references": [{"url": "https://pentraze.com/"}, {"url": "https://pentraze.com/vulnerability-reports/"}], "source": {"discovery": "UNKNOWN"}, "title": "macOS Archify: Local Privilege Escalation", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-11T13:41:01.210655Z", "id": "CVE-2024-9062", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-11T13:41:12.653Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "macOS Archify: Local Privilege Escalation", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Carlos Garrido of Pentraze Cybersecurity"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/Oct4Pie/archify", "vendor": "Archify", "product": "Archify", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.3.1"}], "platforms": ["MacOS"], "packageName": "com.oct4pie.archifyhelper", "defaultStatus": "unaffected"}], "references": [{"url": "https://pentraze.com/"}, {"url": "https://pentraze.com/vulnerability-reports/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the \"factored applications\" model, delegating privileged operations\u2014such as arbitrary file deletion and file permission changes\u2014to this helper running as root. However, the helper does not verify the code signature, entitlements, or signing flags of the connecting client. Although macOS provides secure validation mechanisms like auditToken, these are not implemented. As a result, any local process can establish a connection to the helper and invoke privileged functionality, leading to unauthorized execution of actions with root-level privileges.", "supportingMedia": [{"type": "text/html", "value": "The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the \"factored applications\" model, delegating privileged operations\u2014such as arbitrary file deletion and file permission changes\u2014to this helper running as root. However, the helper does not verify the code signature, entitlements, or signing flags of the connecting client. Although macOS provides secure validation mechanisms like auditToken, these are not implemented. As a result, any local process can establish a connection to the helper and invoke privileged functionality, leading to unauthorized execution of actions with root-level privileges.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "shortName": "Pentraze", "dateUpdated": "2025-06-10T23:25:30.420Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9062", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-11T13:41:01.210655Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-06-11T13:41:08.319Z"}}]}, "cveMetadata": {"cveId": "CVE-2024-9062", "state": "PUBLISHED", "dateUpdated": "2025-06-10T23:25:30.420Z", "dateReserved": "2024-09-20T21:49:17.091Z", "assignerOrgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "datePublished": "2025-06-10T23:25:30.420Z", "assignerShortName": "Pentraze"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the \"factored applications\" model, delegating privileged operations\u2014such as arbitrary file deletion and file permission changes\u2014to this helper running as root. However, the helper does not verify the code signature, entitlements, or signing flags of the connecting client. Although macOS provides secure validation mechanisms like auditToken, these are not implemented. As a result, any local process can establish a connection to the helper and invoke privileged functionality, leading to unauthorized execution of actions with root-level privileges."}, {"lang": "es", "value": "La aplicaci\u00f3n Archify contiene una vulnerabilidad de escalada de privilegios local debido a una validaci\u00f3n insuficiente del cliente en su herramienta auxiliar privilegiada, com.oct4pie.archifyhelper, expuesta mediante XPC. Archify sigue el modelo de \"aplicaciones factorizadas\", delegando operaciones privilegiadas (como la eliminaci\u00f3n arbitraria de archivos y la modificaci\u00f3n de permisos) a esta herramienta auxiliar que se ejecuta como root. Sin embargo, esta herramienta no verifica la firma del c\u00f3digo, los derechos ni los indicadores de firma del cliente que se conecta. Aunque macOS ofrece mecanismos de validaci\u00f3n seguros como auditToken, estos no est\u00e1n implementados. Como resultado, cualquier proceso local puede establecer una conexi\u00f3n con la herramienta auxiliar e invocar funciones privilegiadas, lo que provoca la ejecuci\u00f3n no autorizada de acciones con privilegios de root."}], "id": "CVE-2024-9062", "lastModified": "2025-06-12T16:06:20.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "41c37e40-543d-43a2-b660-2fee83ea851a", "type": "Secondary"}]}, "published": "2025-06-11T00:15:24.043", "references": [{"source": "41c37e40-543d-43a2-b660-2fee83ea851a", "url": "https://pentraze.com/"}, {"source": "41c37e40-543d-43a2-b660-2fee83ea851a", "url": "https://pentraze.com/vulnerability-reports/"}], "sourceIdentifier": "41c37e40-543d-43a2-b660-2fee83ea851a", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "41c37e40-543d-43a2-b660-2fee83ea851a", "type": "Secondary"}]}

{}