Cato Networks macOS Client Vulnerability Enables Low-Privilege Code Execution
gbhackersA critical vulnerability in Cato Networks’ widely used macOS VPN client has been disclosed, enabling attackers with limited access to gain full control over affected systems.
Tracked as ZDI-25-252 (CVE pending), the flaw highlights mounting risks for enterprises relying on remote-access tools in hybrid work environments.
Security firm Zero Day Initiative (ZDI) uncovered the bug, which carries a CVSS score of 7.8 and allows local privilege escalation via Cato’s “Helper” service.
Attackers could exploit it to execute arbitrary code with root privileges, effectively bypassing macOS security safeguards.
Vulnerability Breakdown
The flaw stems from a Time-of-Check to Time-of-Use (TOCTOU) race condition in the Cato Client’s installation process.
Improper locking mechanisms let low-privileged users manipulate package installations mid-execution.
Key Technical Details:
- Attack Vector: Local access required (physical or via compromised user account).
- Impact: Full system compromise (confidentiality, integrity, and availability breaches).
- Affected Versions: All Cato Client for macOS builds ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE