## https://sploitus.com/exploit?id=A2651D91-AF0B-550F-9C11-45273AC74DB6
# CVE-2025-49173 โ macOS 10.9 Local Root Privilege Escalation (Research)
> **Status:** Unofficial / Research-Based
> **Platform:** macOS Mavericks (10.9)
> **Impact:** Local Privilege Escalation โ Root
> **Severity:** High (Local)
This repository contains a **proof-of-concept (PoC) security research project** focused on a **local root privilege escalation vulnerability** affecting **macOS Mavericks (10.9)**.
The CVE identifier used here is **unofficial and for academic demonstration purposes only**.
---
## Overview
This research analyzes a privilege escalation attack vector that allows a **local unprivileged user** to escalate permissions and obtain **root-level access** under specific misconfiguration and authorization handling conditions in legacy macOS systems.
The project focuses on:
- macOS authorization mechanisms
- Legacy privilege boundaries
- User-to-root attack surface analysis
---
## Affected Systems
- macOS Mavericks **10.9**
- Other legacy macOS versions may be affected (not fully tested)
---
## Vulnerability Class
- Local Privilege Escalation (LPE)
- Authorization Misconfiguration
- Improper Privilege Boundary Enforcement
---
## Proof of Concept (PoC)
This repository includes:
- A controlled PoC implementation
- Step-by-step privilege escalation flow
- Logs demonstrating successful root-level execution
> โ ๏ธ The PoC is provided for **educational and defensive security research only**.
---
## Mitigation & Recommendations
- Disable unused legacy authorization services
- Apply strict file and binary permission hardening
- Monitor abnormal privilege transitions
- Avoid using unsupported legacy macOS versions in production environments
---
## Legal Disclaimer
This project is intended **strictly for educational, research, and defensive security purposes**.
- No warranty is provided
- The authors are not responsible for any misuse
- All testing was conducted in a controlled laboratory environment
Any use of this project for unauthorized access or malicious activity is strictly prohibited.
---