CVE-2026-2637

iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks. This issue affects iBoysoft NTFS: 8.0.0.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fluidattacks.com/advisories/cuarteto	Exploit Third Party Advisory
https://iboysoft.com/ntfs-for-mac/	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:iboysoft:ntfs_for_mac:8.0:*:*:*:*:*:*:*

History

27 Apr 2026, 13:12

Type	Values Removed	Values Added
First Time		Iboysoft ntfs For Mac Iboysoft
References	~~() https://fluidattacks.com/advisories/cuarteto -~~	() https://fluidattacks.com/advisories/cuarteto - Exploit, Third Party Advisory
References	~~() https://iboysoft.com/ntfs-for-mac/ -~~	() https://iboysoft.com/ntfs-for-mac/ - Product
Summary		(es) iBoysoft NTFS para Mac contiene una vulnerabilidad de escalada de privilegios local en su demonio auxiliar privilegiado ntfshelperd. El demonio expone un servicio NSConnection que se ejecuta como root sin implementar ninguna comprobación de autenticación o autorización. Este problema afecta a iBoysoft NTFS: 8.0.0.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:a:iboysoft:ntfs_for_mac:8.0:::::::*

03 Mar 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-03 15:16

Updated : 2026-04-27 13:12

NVD link : CVE-2026-2637

Mitre link : CVE-2026-2637

CVE.ORG link : CVE-2026-2637

JSON object : View

Products Affected

iboysoft

ntfs_for_mac

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

{"id": "CVE-2026-2637", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "help@fluidattacks.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-03T15:16:20.950", "references": [{"url": "https://fluidattacks.com/advisories/cuarteto", "tags": ["Exploit", "Third Party Advisory"], "source": "help@fluidattacks.com"}, {"url": "https://iboysoft.com/ntfs-for-mac/", "tags": ["Product"], "source": "help@fluidattacks.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "help@fluidattacks.com", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd.\u00a0The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks.\n\nThis issue affects iBoysoft NTFS: 8.0.0."}, {"lang": "es", "value": "iBoysoft NTFS para Mac contiene una vulnerabilidad de escalada de privilegios local en su demonio auxiliar privilegiado ntfshelperd. El demonio expone un servicio NSConnection que se ejecuta como root sin implementar ninguna comprobaci\u00f3n de autenticaci\u00f3n o autorizaci\u00f3n.\n\nEste problema afecta a iBoysoft NTFS: 8.0.0."}], "lastModified": "2026-04-27T13:12:44.317", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:iboysoft:ntfs_for_mac:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53C6FBA4-0B4F-4E1B-80B0-D15E5A521C79"}], "operator": "OR"}]}], "sourceIdentifier": "help@fluidattacks.com"}