iBoysoft NTFS for Mac Local Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in iBoysoft NTFS for Mac version 8.0.0. The issue resides in the privileged helper daemon 'ntfshelperd', which exposes an NSConnection service running as root without any authentication or authorization checks. This vulnerability allows local users to invoke privileged methods and execute system commands as root, potentially leading to a complete system compromise.

Impact

Exploitation of this vulnerability allows any local user to gain root privileges by invoking methods on the unprotected NSConnection service. This could lead to unauthorized access and control over the system.

Reproduction

The vulnerability can be reproduced by connecting to the 'com.iboysoft.ntfsformac.serverhelper' NSConnection service, which is accessible to all local users. Once connected, unprivileged users can invoke methods that execute shell commands with root privileges, taking advantage of the lack of authentication and authorization checks.
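A hardened counterpart to the helper described above, as an added example that is not iBoysoft's code and not part of the original advisory: a root daemon that authenticates each caller by code-signing requirement and exposes one typed operation in place of shell command execution. The advisory does not describe a fix, so this shows a common hardening pattern, and the service name, client identifier, team ID and mountVolume method are hypothetical placeholders; it assumes macOS 13 or later and NSXPCConnection rather than the deprecated NSConnection.

```objc
// Added example, not vendor code; every name and identifier is a placeholder.
#import <Foundation/Foundation.h>
// Constructed requirement: only the vendor-signed client may talk to the helper.
static NSString *const kClientReq =
    @"anchor apple generic and identifier \"com.example.ntfs-client\" "
    @"and certificate leaf[subject.OU] = \"TEAMID0000\"";
// Narrow, typed interface instead of a generic "run this command" method.
@protocol HelperProtocol
- (void)mountVolume:(NSString *)bsdName withReply:(void (^)(BOOL ok))reply;
@end
@interface Helper : NSObject <NSXPCListenerDelegate, HelperProtocol>
@end

@implementation Helper
- (BOOL)listener:(NSXPCListener *)l shouldAcceptNewConnection:(NSXPCConnection *)c {
    // Authenticate the caller: a message from a peer whose code signature
    // fails the requirement invalidates the connection.
    if (@available(macOS 13.0, *)) [c setCodeSigningRequirement:kClientReq];
    else return NO;  // fail closed where the caller cannot be verified
    c.exportedInterface = [NSXPCInterface interfaceWithProtocol:@protocol(HelperProtocol)];
    c.exportedObject = self;
    [c resume];
    return YES;
}

- (void)mountVolume:(NSString *)bsdName withReply:(void (^)(BOOL))reply {
    // Validate the argument too: accept only names shaped like "disk4s1".
    NSRegularExpression *re = [NSRegularExpression
        regularExpressionWithPattern:@"\\Adisk[0-9]{1,3}s[0-9]{1,3}\\z" options:0 error:nil];
    if (bsdName == nil || [re numberOfMatchesInString:bsdName options:0
                              range:NSMakeRange(0, bsdName.length)] != 1) { reply(NO); return; }
    // Fixed binary plus argv array: no shell ever parses caller-supplied text.
    NSTask *t = [NSTask new];
    t.executableURL = [NSURL fileURLWithPath:@"/usr/sbin/diskutil"];
    t.arguments = @[@"mount", bsdName];
    if (![t launchAndReturnError:nil]) { reply(NO); return; }
    [t waitUntilExit];
    reply(t.terminationStatus == 0);
}
@end

int main(void) {
    static Helper *h;  // static: the listener holds its delegate weakly
    h = [Helper new];
    NSXPCListener *l = [[NSXPCListener alloc] initWithMachServiceName:@"com.example.ntfs-helper"];
    l.delegate = h;
    [l resume];
    [[NSRunLoop currentRunLoop] run];  // serve until launchd stops the daemon
    return 0;
}
```

The Mach service name has to be declared under MachServices in the daemon's launchd property list. On releases before macOS 13 this helper refuses every connection, so the caller would have to be verified by other means there.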

Added: Mar 3, 2026, 3:18 PM
Updated: Mar 3, 2026, 10:39 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.6
remediation: 0.0
relevance: 3.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.