{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-2637","assignerOrgId":"84fe0718-d6bb-4716-a7e8-81a6d1daa869","state":"PUBLISHED","assignerShortName":"Fluid Attacks","dateReserved":"2026-02-17T19:10:25.606Z","datePublished":"2026-03-03T14:04:28.459Z","dateUpdated":"2026-03-03T14:35:43.673Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["MacOS"],"product":"iBoysoft NTFS","vendor":"iBoysoft","versions":[{"status":"affected","version":"8.0.0"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:iboysoft:iboysoft_ntfs:8.0.0:*:macos:*:*:*:*:*","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"Oscar Uribe"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span style=\"background-color: rgb(255, 255, 255);\">iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon </span>ntfshelperd<span style=\"background-color: rgb(255, 255, 255);\">.&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">The daemon exposes an NSConnection service </span><span style=\"background-color: rgb(255, 255, 255);\">that runs as root without implementing any authentication or authorization checks.</span></span><br><br><p>This issue affects iBoysoft NTFS: 8.0.0.</p>"}],"value":"iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks.\n\nThis issue affects iBoysoft NTFS: 8.0.0."}],"impacts":[{"capecId":"CAPEC-233","descriptions":[{"lang":"en","value":"CAPEC-233 Privilege Escalation"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":8.5,"baseSeverity":"HIGH","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-732","description":"CWE-732 Incorrect Permission Assignment for Critical Resource","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"84fe0718-d6bb-4716-a7e8-81a6d1daa869","shortName":"Fluid Attacks","dateUpdated":"2026-03-03T14:04:28.459Z"},"references":[{"tags":["third-party-advisory"],"url":"https://fluidattacks.com/advisories/cuarteto"},{"tags":["product"],"url":"https://iboysoft.com/ntfs-for-mac/"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-03T14:35:28.831057Z","id":"CVE-2026-2637","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-03T14:35:43.673Z"}}]}}