CVE-2024-55968

HIGH
Published Jan 28, 2025 Modified Apr 15, 2026 CWE-267

Description

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.

CVSS v3.1 Score

8.8
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-267 CWE-267

References

Frequently Asked Questions

What is CVE-2024-55968? +
An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection. It has a CVSS v3.1 base score of 8.8 (HIGH).
How severe is CVE-2024-55968? +
CVE-2024-55968 has a CVSS v3.1 score of 8.8 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.
How do I check if I'm vulnerable to CVE-2024-55968? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-2903

An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform (GCP) using the OS Login …
CVE-2026-29646 9.8

In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor …
CVE-2025-26467 8.8

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges …
CVE-2025-23015 8.8

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges …
CVE-2024-39866 8.8

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users …
CVE-2026-42406 8.7

A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager …

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-55968 — free, no signup required.

Start Free Scan