CVE-2026-24063
Writable Uninstall Script in Arturia Software Center Enables Privilege Escalation
Publication date: 2026-03-18
Last updated on: 2026-03-18
Assigner: SEC Consult Vulnerability Lab
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| arturia | software_center | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a plugin is installed using the Arturia Software Center on macOS. During installation, an uninstall.sh bash script is placed in a root-owned directory with file permissions set to 777, making it writable by any user. When uninstalling a plugin, the Privileged Helper executes this script. If an attacker modifies the script, they can exploit this to escalate their privileges on the system.
How can this vulnerability impact me?
This vulnerability can lead to privilege escalation, allowing an attacker with limited access to gain higher privileges on the affected macOS system. This can result in unauthorized control over the system, potentially compromising confidentiality, integrity, and availability of data and system resources.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
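The following is an added example, not part of the original page and not Arturia's code: a shell audit for the condition the explanation above describes (CWE-276, a script with mode 777 that a privileged process later runs). The function names are hypothetical and the directory is supplied by the caller, because the page does not state the install path; the check also goes one step beyond the page by flagging world-writable directories.

```shell
#!/bin/sh
# Added example: audit a directory for the CWE-276 condition described above.
# The directory is supplied by the caller; no vendor path is assumed.

# Print an `ls -ld` line for every *.sh file or subdirectory under DIR
# whose "other" write bit is set (mode 777 matches; 755 does not).
# A world-writable directory counts because a script inside it can be
# replaced even when the script's own mode is strict.
world_writable_entries() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    find "$1" \( -type f -name '*.sh' -o -type d \) -perm -0002 \
        -exec ls -ld {} +
}

# Exit status: 0 = clean, 1 = findings printed, 2 = DIR could not be scanned.
audit_dir() {
    findings=$(world_writable_entries "$1") || return 2
    [ -z "$findings" ] && return 0
    echo "Writable by any local user (review before a privileged process runs them):"
    echo "$findings"
    return 1
}
```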