CVE-2026-24064

7.8 HIGH

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability

Published: 2026-06-09 · Last updated: 2026-06-10

Severity and scoring

CVSS: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-426

Description

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLD_INSERT_LIBRARIES environment variable to inject an attacker-controlled dynamic library into the trusted client process at launch. The injected code runs within the signed process and can connect to the product's privileged helper service to invoke privileged operations, resulting in arbitrary code execution as root. The issue is fixed in version 16.6.2.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-24064
[Other]https://r.sec-consult.com/waves
[Other]https://r.sec-consult.com/waves

Related CVEs

Same CWE

CVE-2026-48565 — Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally (7.8 HIGH)
CVE-2026-47648 — Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally (7.0 HIGH)
CVE-2026-11401 — An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL will allow a remot... (8.0 HIGH)
CVE-2026-11400 — An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a rem... (8.0 HIGH)
CVE-2026-44477 — CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments (9.9 CRITICAL)