CVE-2026-24062 | THREATINT

Description

The "Privileged Helper" component of the Arturia Software Center (MacOS) does not perform sufficient client code signature validation when a client connects. This leads to an attacker being able to connect to the helper and execute privileged actions leading to local privilege escalation.

PUBLISHED Reserved 2026-01-21 | Published 2026-03-18 | Updated 2026-03-18 | Assigner SEC-VLab

Problem types

CWE-306 Missing authentication for critical function

Product status

Default status

unknown

2.12.0.3157

affected

Credits

Florian Haselsteiner, SEC Consult Vulnerability Lab finder

References

r.sec-consult.com/arturia third-party-advisory

cve.org (CVE-2026-24062)

nvd.nist.gov (CVE-2026-24062)

Download JSON