Home / Vulnerability Intelligence / CVE-2026-24063

CVE-2026-24063 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 19, 2026

Arturia Software Center - Privilege Escalation

Published: March 18, 2026Updated: March 19, 2026

Overview

Arturia Software Center on MacOS contains a privilege escalation vulnerability caused by an uninstall.sh script with writable permissions in a root-owned path, letting local attackers escalate privileges by modifying the script.

Severity & Score

Severity: High

CVSS Score: 8.2

EPSS Score: 1.0%(Probability of exploitation in next 30 days)

Impact

Local attackers can escalate privileges to root by modifying the writable uninstall.sh script.

Mitigation

Restrict uninstall.sh script permissions and ensure it is not writable by unprivileged users.

References

https://r.sec-consult.com/arturia

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 18, 2026

🟠 CVE-2026-24063 - High (8.2) When a plugin is installed using the Arturia Software Center (MacOS), it also installs an uninstall.sh bash script in a root owned path. This script is written to disk with the file permissions 777, meaning it is writable by any user. When uninsta... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24063/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-24063
Severity: High
CVSS Score: 8.2
Type: broken_access_control
Status: unconfirmed
EPSS: 1.0%
Social Posts: 1

CWE

CWE-276

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

EPSS Score

1.0%Probability of exploitation in the next 30 days