Privilege Escalation in Cato Client on macOS
CVE-2026-12374
6.4 MEDIUM
What is CVE-2026-12374?
Cato Client for macOS before version 5.13.1 ships a PrivilegedHelperTool XPC service that does not correctly validate the code-signing certificate of the process connecting to it. Because the caller check can be satisfied by a self-signed certificate, a local, authenticated attacker can bypass XPC caller verification and, by swapping a symlink during package installation, have the helper perform privileged operations on the attacker's behalf, escalating to root. Users should update to version 5.13.1 or later.
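The caller-verification half of this flaw is the classic privileged-helper mistake: accepting any code signature instead of one anchored to Apple and pinned to the vendor's Team ID. The following Objective-C listener delegate is an added illustration, not Cato Client code and not derived from it; the Mach service label, bundle identifier, Team ID and protocol are placeholders. It contrasts a requirement string that a self-signed identity can satisfy with one that cannot, and uses the public `-[NSXPCConnection setCodeSigningRequirement:]` (macOS 13 and later), which the system evaluates against the kernel-supplied audit token on every message rather than once against a reusable PID. The symlink-swap part of the advisory is not modelled here.

```objc
// Added example: pinning the XPC caller's code signature in a privileged
// helper. Not Cato Client code. All identifiers below are placeholders.
#import <Foundation/Foundation.h>

// Hypothetical protocol the helper exposes over XPC.
@protocol ExampleHelperProtocol
- (void)installPackageAtPath:(NSString *)path
                       reply:(void (^)(BOOL ok, NSString *message))reply;
@end

// WEAK: only the identifier is checked, and nothing ties the certificate
// chain to Apple. An attacker can self-sign a binary with this identifier
// and the requirement is satisfied. Shown for contrast only; do not use.
static NSString *const kWeakRequirement =
    @"identifier \"com.example.client\"";

// HARDENED: the chain must terminate at Apple's anchor ("anchor apple
// generic"), the identifier must match, and the leaf certificate must carry
// the expected Team ID in its OU field. A self-signed certificate fails
// the anchor clause regardless of what else it claims.
static NSString *const kHardenedRequirement =
    @"anchor apple generic "
     "and identifier \"com.example.client\" "
     "and certificate leaf[subject.OU] = \"ABCDE12345\"";  // placeholder Team ID

@interface ExampleHelperListenerDelegate : NSObject <NSXPCListenerDelegate,
                                                     ExampleHelperProtocol>
@end

@implementation ExampleHelperListenerDelegate

- (BOOL)listener:(NSXPCListener *)listener
    shouldAcceptNewConnection:(NSXPCConnection *)newConnection {
    if (@available(macOS 13.0, *)) {
        // The requirement is enforced by the system for the connection's
        // lifetime, so a caller that later fails it is cut off, and there is
        // no PID-reuse window as with a one-time pid-based SecCode check.
        [newConnection setCodeSigningRequirement:kHardenedRequirement];
    } else {
        // No public per-connection requirement API on older systems:
        // refuse rather than fall back to a weaker check.
        return NO;
    }

    newConnection.exportedInterface =
        [NSXPCInterface interfaceWithProtocol:@protocol(ExampleHelperProtocol)];
    newConnection.exportedObject = self;
    [newConnection resume];
    return YES;
}

// Placeholder implementation of the privileged operation. A real helper
// would additionally validate the path (no symlinks, expected owner/mode)
// before acting on it as root.
- (void)installPackageAtPath:(NSString *)path
                       reply:(void (^)(BOOL, NSString *))reply {
    reply(NO, @"not implemented in this example");
}

@end

int main(int argc, const char *argv[]) {
    @autoreleasepool {
        ExampleHelperListenerDelegate *delegate =
            [[ExampleHelperListenerDelegate alloc] init];
        // Hypothetical Mach service label registered in the helper's launchd plist.
        NSXPCListener *listener =
            [[NSXPCListener alloc] initWithMachServiceName:@"com.example.helper"];
        listener.delegate = delegate;
        [listener resume];
        [[NSRunLoop currentRunLoop] run];
    }
    return 0;
}
```

When auditing an existing helper, compare its requirement string against this pattern: any requirement lacking `anchor apple generic` (or an equivalent anchor clause) and a Team ID or certificate-chain constraint is satisfiable by a self-signed build, which is the condition this advisory describes.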
Affected Version(s)
SDP Client for macOS, versions 5.12.0 up to (but not including) 5.13.1
