Nullevent

**Name of the Vulnerable Software and Affected Versions** Acronis True Image (macOS) versions prior to build 42389 Acronis True Image for SanDisk (macOS) versions prior to build 42198 Acronis True Image for Western Digital (macOS) versions prior to build 42197 **Description** An insecure XPC service configuration can lead to local privilege escalation. XPC (eXtension Programming Interface) is a macOS framework for inter-process communication. An insecure configuration of this service allows an attacker to gain elevated privileges on the system. **Recommendations** Update Acronis True Image (macOS) to build 42389 or later. Update Acronis True Image for SanDisk (macOS) to build 42198 or later. Update Acronis True Image for Western Digital (macOS) to build 42197 or later.

**Name of the Vulnerable Software and Affected Versions** Mattermost Desktop App versions <=5.10.0 **Description** The issue allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection due to explicitly declared unnecessary macOS entitlements. **Recommendations** For Mattermost Desktop App versions <=5.10.0, update to a version higher than 5.10.0 to resolve the issue. As a temporary workaround, consider restricting remote access to the application until a patch is available.

**Name of the Vulnerable Software and Affected Versions** DTEX DEC-M (DTEX Forwarder) version 6.1.1 **Description** An issue was discovered in the com.dtexsystems.helper service, which handles privileged operations within the macOS DTEX Event Forwarder agent. The service fails to implement critical client validation during XPC interprocess communication (IPC), allowing malicious actors to exploit the service's methods via unauthorized client connections. This can lead to privilege escalation to root by abusing the `DTConnectionHelperProtocol` protocol's `submitQuery` method over an unauthorized XPC connection. **Recommendations** For DTEX DEC-M (DTEX Forwarder) version 6.1.1, consider disabling the `com.dtexsystems.helper` service until a patch is available to prevent exploitation. Restrict access to the `DTConnectionHelperProtocol` protocol to minimize the risk of unauthorized connections. Avoid using the `submitQuery` method in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.