The vulnerability exists in the Slate Digital Connect 1.37.0 for macOS, where the application installs a privileged helper tool that exposes an XPC service. The helper performs certificate checks that only compare the subject.OU value of the client’s signing certificate and ignores whether the certificate chains to a trusted code‑signing authority. By generating a self‑signed certificate with the expected OU, a local attacker can forge a client that authenticates to the XPC service, thereby gaining access to helper functionality and achieving local privilege escalation. This flaw is a misimplementation of certificate validation and is classified as CWE‑296.

The affected product is Slate Digital Connect 1.37.0 for macOS. The vulnerability involves the privileged helper com.slatedigital.connect.privileged.helper.tool and the XPC service com.slatedigital.connect.privileged.helper.tool2. No other affected versions were reported, and the vendor did not provide a fixed release at disclosure.

Because the flaw can be triggered by any user with local access to the macOS device, the attack vector is local. Although no EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, its potential impact is severe; unrestricted access to the privileged helper can lead to complete system compromise. No patch exists yet, so the risk remains high until the vendor releases a fix. Until then, administrators should treat the issue as a critical local privilege escalation risk.