PatchSiren cyber security CVE debrief

CVE-2026-24067 Slate Digital LLC CVE debrief

CVE-2026-24067 is a HIGH-severity vulnerability (CVSS Score: 8.4) affecting Slate Digital Connect 1.37.0 for macOS. The vulnerability arises from a time-of-check time-of-use (TOCTOU) race condition in the privileged helper tool, com.slatedigital.connect.privileged.helper.tool. This tool exposes an XPC service that validates connecting clients based on their process identifier (PID). However, due to PID reuse, a local attacker can exploit this vulnerability to gain unauthorized access to the privileged helper tool's functionality, potentially leading to local privilege escalation.

Vendor: Slate Digital LLC
Product: Slate Digital Connect
CVSS: HIGH 8.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-10
Original CVE updated: 2026-06-10
Advisory published: 2026-06-10
Advisory updated: 2026-06-10

Who should care

Users of Slate Digital Connect 1.37.0 for macOS, administrators of systems where Slate Digital Connect is installed, and security teams responsible for monitoring and mitigating local privilege escalation vulnerabilities.

Technical summary

The vulnerability is caused by a TOCTOU race condition in the PID-based client validation mechanism of the com.slatedigital.connect.privileged.helper.tool XPC service. The helper validates a connecting client by its PID, but a PID only identifies a process for as long as that process lives: if the validated client exits and the kernel recycles its PID before the helper acts on the connection, the helper ends up trusting a different process than the one it checked. An attacker can exploit this to gain access to privileged functionality.
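Added example, not Slate Digital's helper code (which is not on the page): a PID-keyed client check of the kind the advisory describes, next to the audit-token variant that closes the race, because the audit token is bound by the kernel to the specific process instance that opened the connection. The requirement string and client identifier are assumed placeholders, and `xpc_connection_get_audit_token` is a private libxpc symbol declared locally.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <xpc/xpc.h>

// Private libxpc symbol; no public header declares it, so it is declared here (assumption).
extern void xpc_connection_get_audit_token(xpc_connection_t connection, audit_token_t *token);

// Hypothetical requirement for the trusted client; the real helper's value is not on the page.
static NSString *const kClientRequirement =
    @"anchor apple generic and identifier \"com.example.client\"";

// Shared check: does the code object selected by guestAttrs satisfy kClientRequirement?
static BOOL validateGuest(CFDictionaryRef guestAttrs) {
    SecCodeRef guest = NULL;
    SecRequirementRef req = NULL;
    BOOL ok = NO;
    if (SecCodeCopyGuestWithAttributes(NULL, guestAttrs, kSecCSDefaultFlags, &guest) == errSecSuccess &&
        SecRequirementCreateWithString((__bridge CFStringRef)kClientRequirement,
                                       kSecCSDefaultFlags, &req) == errSecSuccess) {
        ok = (SecCodeCheckValidity(guest, kSecCSDefaultFlags, req) == errSecSuccess);
    }
    if (guest) CFRelease(guest);
    if (req) CFRelease(req);
    return ok;
}

// VULNERABLE: the check keys on a PID. If the validated client exits and its PID is recycled
// before the helper acts, the helper is now trusting whatever process holds that PID.
static BOOL isTrustedClientByPid(xpc_connection_t conn) {
    pid_t pid = xpc_connection_get_pid(conn);
    NSDictionary *attrs = @{(__bridge NSString *)kSecGuestAttributePid: @(pid)};
    return validateGuest((__bridge CFDictionaryRef)attrs);
}

// HARDENED: the audit token carries pid, pid version and uid of the peer that opened the
// connection, so a recycled PID belonging to a new process instance does not match.
static BOOL isTrustedClientByAuditToken(xpc_connection_t conn) {
    audit_token_t token;
    xpc_connection_get_audit_token(conn, &token);
    NSData *tokenData = [NSData dataWithBytes:&token length:sizeof(token)];
    NSDictionary *attrs = @{(__bridge NSString *)kSecGuestAttributeAudit: tokenData};
    return validateGuest((__bridge CFDictionaryRef)attrs);
}

// In the listener's connection handler: reject the peer before any privileged message is read.
static void handleNewConnection(xpc_connection_t peer) {
    if (!isTrustedClientByAuditToken(peer)) { xpc_connection_cancel(peer); return; }
    xpc_connection_set_event_handler(peer, ^(xpc_object_t msg) { /* dispatch privileged work */ });
    xpc_connection_resume(peer);
}
```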

Defensive priority

High

Recommended defensive actions

  • Apply the latest security patches or updates for Slate Digital Connect 1.37.0 for macOS as soon as available.
  • Restrict access to the Slate Digital Connect application and its helper tools to trusted users only.
  • Monitor system logs for suspicious activity related to Slate Digital Connect and its privileged helper tool.
  • Consider implementing additional security measures such as strict access controls and monitoring of system calls related to process creation and XPC services.

Evidence notes

The vulnerability was reported by SEC Consult, as referenced in [ref-4](https://r.sec-consult.com/slate) and [ref-5](https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-in-slate-digital-connect/).

Official resources

CVE-2026-24067 was published on 2026-06-10T12:16:25.340Z and modified on 2026-06-10T20:12:28.193Z.