CVE-2026-24062

{"id": "CVE-2026-24062", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-03-18T16:16:26.300", "references": [{"url": "https://r.sec-consult.com/arturia", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "The \"Privileged Helper\" component of the Arturia Software Center (MacOS) does not perform sufficient client code signature validation when a client connects.\u00a0This leads to an attacker being able to connect to the helper and execute privileged actions leading to local privilege escalation."}, {"lang": "es", "value": "El componente 'Privileged Helper' del Arturia Software Center (MacOS) no realiza una validaci\u00f3n suficiente de la firma del c\u00f3digo del cliente cuando un cliente se conecta. Esto permite que un atacante pueda conectarse al helper y ejecutar acciones privilegiadas, lo que lleva a una escalada de privilegios local."}], "lastModified": "2026-05-19T15:35:04.330", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf"}