{"vulnerability": "CVE-2024-55968", "sightings": [{"uuid": "52e1124c-7437-43a8-a7b2-ceec621d03d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9472", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit POC Code for CVE-2024-55968\nURL\uff1ahttps://github.com/Wi1DN00B/CVE-2024-55968\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-17T21:16:24.000000Z"}, {"uuid": "ce7372e2-c62c-4d10-9eb4-ed6a8c0606e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9471", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for DTEX LPE (CVE-2024-55968)\nURL\uff1ahttps://github.com/null-event/CVE-2024-55968\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-17T21:12:14.000000Z"}, {"uuid": "bd8154ff-971d-4249-9318-34e1db363b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3306", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55968\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-28T22:15:15.860\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://github.com/Wi1DN00B/CVE-2024-55968\n2. https://github.com/null-event/CVE-2024-55968", "creation_timestamp": "2025-01-28T23:18:01.000000Z"}, {"uuid": "805c3214-c0cd-4cab-aa80-5ac0b91831a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3332", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55968\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.\n\ud83d\udccf Published: 2025-01-29T00:31:54Z\n\ud83d\udccf Modified: 2025-01-29T00:31:54Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-55968\n2. https://github.com/Wi1DN00B/CVE-2024-55968\n3. https://github.com/null-event/CVE-2024-55968", "creation_timestamp": "2025-01-29T01:10:18.000000Z"}, {"uuid": "988d5e65-d191-4944-9e10-397f3e2e92ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113908135045749117", "content": "", "creation_timestamp": "2025-01-28T21:36:45.663342Z"}, {"uuid": "20edfc6e-b34d-46b4-b7e7-6ade5d093596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgti67rt542e", "content": "", "creation_timestamp": "2025-01-28T22:15:38.631709Z"}, {"uuid": "2093a37d-f232-4b47-bb33-f0c6749b0a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgtl72p3662u", "content": "", "creation_timestamp": "2025-01-28T23:09:51.828680Z"}, {"uuid": "14ac28cf-c8d7-4915-a30e-21ad3d39bc12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113912662928597537", "content": "", "creation_timestamp": "2025-01-29T16:48:26.708382Z"}, {"uuid": "705d5414-cd9f-4acf-b1de-bcafd5397d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://t.me/cvedetector/16654", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55968 - DTEX DEC-M Escalation of Privileges and XPC Connection Manipulation\", \n  \"Content\": \"CVE ID : CVE-2024-55968 \nPublished : Jan. 28, 2025, 10:15 p.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-29T01:29:08.000000Z"}, {"uuid": "205960cd-ad78-425a-addf-23f93e0a417b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://gist.github.com/nscan9/a31982c90ab40a8e00373bf15efbf52a", "content": "", "creation_timestamp": "2025-01-09T19:23:03.000000Z"}, {"uuid": "f4c18299-919d-4c64-89a8-76c7e97d2fd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:06.000000Z"}, {"uuid": "0f7eac50-52a9-444c-a680-c4ea4e0dbd55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lgvujjzk6f2o", "content": "", "creation_timestamp": "2025-01-29T21:02:05.514729Z"}, {"uuid": "c6fa612b-4560-4bbf-893a-b718e0417b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}]}