Skip to main content

Sdp Client

1 CVEs product

Monthly

CVE-2026-12374 MEDIUM PATCH This Month

Local privilege escalation in Cato Client on macOS allows an authenticated low-privileged user to gain root by chaining two flaws in the PrivilegedHelperTool XPC service: improper certificate validation (CWE-295) that accepts self-signed certificates to bypass XPC caller verification, and a TOCTOU race condition exploitable via symlink swap during package installation. All Cato Client (SDP Client) versions prior to 5.13.1 on macOS are affected. A proof-of-concept exists per the CVSS 4.0 supplemental metric E:P, and the AU:Y (Automatable) tag indicates the exploit chain can be scripted - elevating practical urgency despite the absence of a CISA KEV listing.

Authentication Bypass Apple Sdp Client
NVD
CVSS 4.0
6.4
EPSS
0.1%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

Local privilege escalation in Cato Client on macOS allows an authenticated low-privileged user to gain root by chaining two flaws in the PrivilegedHelperTool XPC service: improper certificate validation (CWE-295) that accepts self-signed certificates to bypass XPC caller verification, and a TOCTOU race condition exploitable via symlink swap during package installation. All Cato Client (SDP Client) versions prior to 5.13.1 on macOS are affected. A proof-of-concept exists per the CVSS 4.0 supplemental metric E:P, and the AU:Y (Automatable) tag indicates the exploit chain can be scripted - elevating practical urgency despite the absence of a CISA KEV listing.

Authentication Bypass Apple Sdp Client
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy