PT-2026-54619 · Cato Networks · Sdp Client

Published

2026-07-01

·

Updated

2026-07-09

·

CVE-2026-12374

CVSS v4.0

6.4

Medium

VectorAV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:Y/R:U/V:C/RE:L/U:Amber
Name of the Vulnerable Software and Affected Versions Cato Client versions prior to 5.13.1
Description The PrivilegedHelperTool XPC service on macOS contains improper certificate validation and a time-of-check time-of-use (TOCTOU) race condition. A TOCTOU race condition occurs when a program checks the state of a resource and then acts on that resource, but the state changes between the check and the action. This allows a local authenticated attacker to escalate privileges to root by using a self-signed certificate to bypass XPC caller verification and performing a symlink swap during package installation.
Recommendations Update Cato Client to version 5.13.1 or later.

Fix

LPE

Time Of Check To Time Of Use

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-12374

Affected Products

Sdp Client