CNNVD-202506-1543 Information

CNNVD ID

CNNVD-202506-1543

Related CVE

CVE-2024-7457

• CNNVD Published: 2025-06-10

Description (Chinese)

Stash ws.stash.app.mac.daemon.helper是Stash公司的一款macOS的系统代理组件。 Stash ws.stash.app.mac.daemon.helper存在安全漏洞，该漏洞源于错误使用macOS授权模型，可能导致未经授权的客户端通过XPC调用特权操作，包括修改系统网络设置。

Description (English)

Stash ws.stat.app.mac.daemon.helper is a system agent component of MacOS of Stash. Stash ws.stat.app.mac.daemón.helper has a security loophole that stems from the misuse of the MacOS authorization model and may lead to unauthorized client access privileges through XPC, including modifications to the system network settings.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Stash

Published

2025-06-10

Last Modified

2026-02-24

References

https://pentraze.com/ https://nvd.nist.gov/vuln/detail/CVE-2024-7457