Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite system files and privileged binaries, achieving full system compromise. Twitch Studio was discontinued in May 2024.
Twitch Studio versions 0.114.8 and earlier contain a privilege escalation vulnerability in their privileged helper tool that allows local attackers to execute arbitrary code as root through an unprotected XPC service. Attackers can exploit the installFromPath:toPath:withReply: method to overwrite system files and achieve full system compromise.
تحتوي نسخ Twitch Studio 0.114.8 وما قبلها على ثغرة تصعيد امتيازات في أداة المساعد ذات الامتيازات تسمح للمهاجمين المحليين بتنفيذ كود عشوائي بصلاحيات الجذر. يمكن للمهاجمين استغلال الطريقة installFromPath:toPath:withReply: لاستبدال ملفات النظام والملفات الثنائية ذات الامتيازات.
Twitch Studio versions 0.114.8 and earlier contain a privilege escalation vulnerability in their privileged helper tool that allows local attackers to execute arbitrary code as root through an unprotected XPC service. Attackers can exploit the installFromPath:toPath:withReply: method to overwrite system files and achieve full system compromise.
Uninstall Twitch Studio immediately as the application was discontinued in May 2024. Users should remove all instances of the application and its associated privileged helper tools from their systems. Verify no unauthorized system file modifications have occurred and monitor systems for signs of compromise.
قم بإلغاء تثبيت Twitch Studio فوراً حيث تم إيقاف التطبيق في مايو 2024. يجب على المستخدمين إزالة جميع نسخ التطبيق وأدوات المساعد ذات الامتيازات المرتبطة به من أنظمتهم. تحقق من عدم حدوث تعديلات غير مصرح بها على ملفات النظام ومراقبة الأنظمة للكشف عن علامات الاختراق.