Twitch · Twitch Studio · CVE-2024-14032
Name of the Vulnerable Software and Affected Versions
Twitch Studio versions prior to 0.114.8
Description
Twitch Studio version 0.114.8 and prior contain a privilege escalation issue in its privileged helper tool. Local attackers can execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the `installFromPath:toPath:withReply:` method to overwrite system files and privileged binaries, achieving full system compromise.
Recommendations
Update Twitch Studio to version 0.114.8 or later.