
Wildn00B

Researcher from TikTok USDS Red Team
#29769 of 53,630
8.8 Total CVSS
Vulnerabilities · 1
PT-2024-36621
8.8
2024-12-17
Dtex · Dtex Dec-M · CVE-2024-55968
**Name of the Vulnerable Software and Affected Versions**

DTEX DEC-M (DTEX Forwarder) version 6.1.1

**Description**

An issue was discovered in the com.dtexsystems.helper service, which handles privileged operations within the macOS DTEX Event Forwarder agent. The service fails to implement critical client validation during XPC interprocess communication (IPC), allowing malicious actors to exploit the service's methods via unauthorized client connections. This can lead to privilege escalation to root by abusing the `DTConnectionHelperProtocol` protocol's `submitQuery` method over an unauthorized XPC connection.

**Recommendations**

For DTEX DEC-M (DTEX Forwarder) version 6.1.1, consider disabling the `com.dtexsystems.helper` service until a patch is available to prevent exploitation. Restrict access to the `DTConnectionHelperProtocol` protocol to minimize the risk of unauthorized connections. Avoid using the `submitQuery` method in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.