Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite system files and privileged binaries, achieving full system compromise. Twitch Studio was discontinued in May 2024.
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service
CVSS Vector v4.0
Weakness Type (CWE)
References 4
https://help.twitch.tv/s/article/recommended-software-for-broadcasting
disclosure@vulncheck.com
https://help.twitch.tv/s/topic/0TO3a000000kZfYGAU/twitch-studio
disclosure@vulncheck.com
https://www.iru.com/blog/twitch-privileged-helper
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/twitch-studio-launcherhelper-xpc-missing-a…
disclosure@vulncheck.com