CVE-2025-4960

Awaiting Analysis Awaiting Analysis - Queue

Local Privilege Escalation in Epson InstallNavi Helper via XPC Flaws

Publication date: 2026-02-19

Last updated on: 2026-02-19

Assigner: Pentraze

Description

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s authorization model, exposing privileged functionality to untrusted users. Although it invokes the AuthorizationCopyRights API, it does so using overly permissive custom rights that it registers in the system’s authorization database (/var/db/auth.db). These rights can be requested and granted by the authorization daemon to any local user, regardless of privilege level. As a result, an attacker can exploit the vulnerable service to perform privileged operations such as executing arbitrary commands or installing system components without requiring administrative credentials.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-02-19

Last Modified

2026-02-19

Generated

2026-06-16

AI Q&A

2026-02-19

EPSS Evaluated

2026-06-14

NVD

CVE-2025-4960

EUVD

EUVD-2025-207554

Affected Vendors & Products

Vendor	Product	Version / Range
epson	installnavi	-

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-863	The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Attack-Flow Graph

Executive Summary

The vulnerability exists in the com.epson.InstallNavi.helper tool, which is part of the EPSON printer driver installer. It is a local privilege escalation flaw caused by multiple implementation errors. Specifically, the tool fails to properly authenticate clients communicating over the XPC protocol and does not correctly enforce macOS's authorization model.

Although the tool uses the AuthorizationCopyRights API, it registers overly permissive custom rights in the system's authorization database. These rights can be requested and granted by the authorization daemon to any local user, regardless of their privilege level.

As a result, an attacker with local access can exploit this vulnerability to perform privileged operations such as executing arbitrary commands or installing system components without needing administrative credentials.

Impact Analysis

This vulnerability allows an attacker with local access to escalate their privileges on the affected system. They can execute arbitrary commands or install system components with elevated privileges without requiring administrative credentials.

Such unauthorized privileged access can lead to complete system compromise, unauthorized data access, modification or deletion of system files, and installation of persistent malware or backdoors.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Hi! I’m here to help you understand CVE-2025-4960. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2025-4960

Local Privilege Escalation in Epson InstallNavi Helper via XPC Flaws

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart