X1A0He

**Name of the Vulnerable Software and Affected Versions** X1a0He Adobe Downloader version 1.3.1 and earlier **Description** A critical vulnerability was found in the X1a0He Adobe Downloader, affecting the `shouldAcceptNewConnection` function of the `com.x1a0he.macOS.Adobe-Downloader.helper` file in the XPC Service component. This leads to improper privilege management. The exploit has been disclosed to the public and may be used, requiring a local approach to attack. It is noted that this product is not affiliated with the company Adobe. **Recommendations** For X1a0He Adobe Downloader version 1.3.1 and earlier, as a temporary workaround, consider disabling the `shouldAcceptNewConnection` function until a patch is available. Restrict access to the XPC Service component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.