{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T19:28:37.564","vulnerabilities":[{"cve":{"id":"CVE-2025-4960","sourceIdentifier":"41c37e40-543d-43a2-b660-2fee83ea851a","published":"2026-02-19T07:17:38.137","lastModified":"2026-06-17T09:34:23.817","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s authorization model, exposing privileged functionality to untrusted users. Although it invokes the AuthorizationCopyRights API, it does so using overly permissive custom rights that it registers in the system’s authorization database (/var/db/auth.db).\n\n\nThese rights can be requested and granted by the authorization daemon to any local user, regardless of privilege level. As a result, an attacker can exploit the vulnerable service to perform privileged operations such as executing arbitrary commands or installing system components without requiring administrative credentials."},{"lang":"es","value":"La herramienta com.epson.InstallNavi.helper, desplegada con el instalador del controlador de impresora EPSON, contiene una vulnerabilidad de escalada de privilegios local debido a múltiples fallos en su implementación. No autentica correctamente a los clientes a través del protocolo XPC y no aplica correctamente el modelo de autorización de macOS, exponiendo funcionalidad privilegiada a usuarios no confiables. Aunque invoca la API AuthorizationCopyRights, lo hace utilizando derechos personalizados excesivamente permisivos que registra en la base de datos de autorización del sistema (/var/db/auth.db).\n\nEstos derechos pueden ser solicitados y concedidos por el demonio de autorización a cualquier usuario local, independientemente del nivel de privilegio. Como resultado, un atacante puede explotar el servicio vulnerable para realizar operaciones privilegiadas, como ejecutar comandos arbitrarios o instalar componentes del sistema sin requerir credenciales administrativas."}],"affected":[{"source":"41c37e40-543d-43a2-b660-2fee83ea851a","affectedData":[{"vendor":"EPSON","product":"EPSON Printer Controller Installer","defaultStatus":"unaffected","collectionURL":"https://epson.com.do/Soporte/Impresoras/Impresoras-multifuncionales/sh/s100","packageName":"com.epson.InstallNavi.helper","platforms":["MacOS"],"versions":[{"version":"0","lessThanOrEqual":"1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"41c37e40-543d-43a2-b660-2fee83ea851a","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-24T01:46:54.984973Z","id":"CVE-2025-4960","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"41c37e40-543d-43a2-b660-2fee83ea851a","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://pentraze.com/vulnerability-reports/","source":"41c37e40-543d-43a2-b660-2fee83ea851a"},{"url":"https://pentraze.com/vulnerability-reports/cve-2025-4960/","source":"41c37e40-543d-43a2-b660-2fee83ea851a"}]}}]}