CVE-2026-24063
Deferred Deferred - Pending Action
Writable Uninstall Script in Arturia Software Center Enables Privilege Escalation

Publication date: 2026-03-18

Last updated on: 2026-05-19

Assigner: SEC Consult Vulnerability Lab

Description
When a plugin is installed using the Arturia Software Center (MacOS), it also installs an uninstall.sh bash script in a root owned path. This script is written to disk with the file permissions 777, meaning it is writable by any user. When uninstalling a plugin via the Arturia Software Center the Privileged Helper gets instructed to execute this script. When the bash script is manipulated by an attacker this scenario will lead to privilege escalation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-18
Last Modified
2026-05-19
Generated
2026-06-16
AI Q&A
2026-03-18
EPSS Evaluated
2026-06-14
NVD
CVE-2026-24063
EUVD
EUVD-2026-12831
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
arturia software_center *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability can lead to privilege escalation, allowing an attacker with limited access to gain higher privileges on the affected MacOS system. This can result in unauthorized control over the system, potentially compromising confidentiality, integrity, and availability of data and system resources.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Executive Summary

This vulnerability occurs when a plugin is installed using the Arturia Software Center on MacOS. During installation, an uninstall.sh bash script is placed in a root-owned directory with file permissions set to 777, making it writable by any user. When uninstalling a plugin, the Privileged Helper executes this script. If an attacker modifies the script, they can exploit this to escalate their privileges on the system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24063. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart