Privilege Escalation in Cato Client on macOS
CVE-2026-12374

6.4 MEDIUM

Key Information:

Vendor
CVE Published:
1 July 2026

What is CVE-2026-12374?

The vulnerability in the PrivilegedHelperTool XPC service of Cato Client on macOS prior to version 5.13.1 arises from improper handling of certificate validation: the helper's check of the XPC caller's code signature can be satisfied by a self-signed certificate, so the check does not actually bind the caller to the vendor's signing identity. A local authenticated attacker can combine this with a symlink swap during package installation to escalate privileges to root. Users should update to version 5.13.1 or later to mitigate this risk.
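A hardened XPC caller check of the kind that addresses the certificate-validation half of this issue, added here as an example in Swift and not Cato's own code: the privileged helper accepts a connection only if the peer satisfies a designated requirement anchored to Apple's root and pinned to one Team ID, which a self-signed certificate cannot meet. The bundle identifier, Team ID and the `HelperProtocol` interface are placeholders, and the delegate is meant to be attached to the helper's `NSXPCListener`.

```swift
import Foundation
import Security

// Designated requirement every XPC peer must satisfy. "anchor apple generic" forces the
// signing chain to terminate at Apple's root, so a self-signed leaf fails outright.
// The identifier and Team ID are placeholders (assumed, not taken from the advisory).
let clientRequirement =
    "anchor apple generic and identifier \"com.example.client\" " +
    "and certificate leaf[subject.OU] = \"TEAMID0000\""

@objc protocol HelperProtocol {
    func version(reply: @escaping (String) -> Void)
}
final class HelperService: NSObject, HelperProtocol {
    func version(reply: @escaping (String) -> Void) { reply("1.0") }
}

// Fallback for systems before macOS 13: evaluate the peer's code object by PID.
// PID lookups are exposed to PID reuse, so prefer the connection-level check below.
func peerSatisfiesRequirement(pid: pid_t) -> Bool {
    let attrs: [CFString: Any] = [kSecGuestAttributePid: pid]
    var code: SecCode?
    guard SecCodeCopyGuestWithAttributes(nil, attrs as CFDictionary, [], &code) == errSecSuccess,
          let peer = code else { return false }
    var req: SecRequirement?
    guard SecRequirementCreateWithString(clientRequirement as CFString, [], &req) == errSecSuccess,
          let requirement = req else { return false }
    // Validates the signature and its chain against the requirement; a self-signed
    // or foreign-Team-ID binary yields a non-zero status and the connection is refused.
    return SecCodeCheckValidity(peer, [], requirement) == errSecSuccess
}

final class HelperListenerDelegate: NSObject, NSXPCListenerDelegate {
    func listener(_ listener: NSXPCListener,
                  shouldAcceptNewConnection connection: NSXPCConnection) -> Bool {
        if #available(macOS 13.0, *) {
            // The framework checks the peer (via its audit token) against the requirement
            // before delivering any message and invalidates the connection on mismatch.
            connection.setCodeSigningRequirement(clientRequirement)
        } else if !peerSatisfiesRequirement(pid: connection.processIdentifier) {
            return false
        }
        connection.exportedInterface = NSXPCInterface(with: HelperProtocol.self)
        connection.exportedObject = HelperService()
        connection.resume()
        return true
    }
}
```

The symlink-swap half of the issue is a separate install-time fix (privileged file writes must not follow attacker-controllable symlinks) and is not covered by this check.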

Affected Version(s)

SDP Client for macOS: 5.12.0 ≤ version < 5.13.1

CVSS v4

Score: 6.4
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
