CVE-2024-14032 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitr…
High CVSS: 8.5

CVE-2024-14032

Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite system files and privileged binaries, achieving full system compromise. Twitch Studio was discontinued in May 2024.
Vendor
-
Product
-
CWE
CWE-862
Yayın Tarihi
2026-04-06 16:16:26
Güncelleme
2026-04-07 13:20:35
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-862 HIGH 2026

Referanslar

https://help.twitch.tv/s/article/recommended-software-for-broadcasting https://help.twitch.tv/s/topic/0TO3a000000kZfYGAU/twitch-studio https://www.iru.com/blog/twitch-privileged-helper https://www.vulncheck.com/advisories/twitch-studio-launcherhelper-xpc-missing-authorization-to-root-file-write