CVE-2024-55968

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.

Se descubrió un problema en DTEX DEC-M (DTEX Forwarder) 6.1.1. El servicio com.dtexsystems.helper, responsable de gestionar operaciones privilegiadas dentro del agente DTEX Event Forwarder de macOS, no implementa la validación crítica del cliente durante la comunicación entre procesos (IPC) de XPC. Específicamente, el servicio no verifica los requisitos del código, los derechos, los indicadores de seguridad o la versión de ningún cliente que intente establecer una conexión. Esta falta de validación lógica adecuada permite que los actores maliciosos exploten los métodos del servicio a través de conexiones de cliente no autorizadas y escalen privilegios a la raíz al abusar del método submissionQuery del protocolo DTConnectionHelperProtocol a través de una conexión XPC no autorizada.