CVE-2025-4960 is a local privilege escalation vulnerability identified in the EPSON Printer Controller Installer, specifically within the com.epson.InstallNavi.helper tool deployed alongside EPSON printer drivers on macOS. The root cause is an incorrect authorization implementation (CWE-863) where the helper tool fails to properly authenticate clients communicating over the XPC protocol. It invokes the macOS AuthorizationCopyRights API but registers overly permissive custom rights in the system authorization database (/var/db/auth.db). These custom rights are granted by the authorization daemon to any local user without verifying privilege levels, effectively bypassing macOS's intended authorization model. As a result, an attacker with local access can exploit this flaw to perform privileged operations such as executing arbitrary commands or installing system components without needing administrative credentials or user interaction. The vulnerability has a CVSS 3.1 base score of 7.8, reflecting high severity with impacts on confidentiality, integrity, and availability. No patches or known exploits are currently reported, but the vulnerability's design flaw presents a significant risk to affected systems.

The vulnerability allows any local user on a macOS system with the vulnerable EPSON printer driver installed to escalate their privileges to root or administrative levels. This can lead to complete system compromise, including unauthorized access to sensitive data, installation of persistent malware, and disruption of system operations. Organizations relying on EPSON printers in macOS environments face risks of insider threats or attackers gaining initial local access through other means and then leveraging this vulnerability to gain full control. The flaw undermines the security model of macOS by circumventing authorization checks, potentially leading to widespread exploitation if weaponized. Although exploitation requires local access, the ease of privilege escalation and lack of required user interaction increase the threat's severity. This can impact enterprise, government, and individual users, especially in environments where EPSON printers are common and macOS is widely used.

1. EPSON should be engaged to provide an official patch or updated installer that correctly implements authorization checks and restricts custom rights appropriately. Until a patch is available, organizations should consider uninstalling or disabling the EPSON Printer Controller Installer on macOS systems where feasible. 2. Restrict local user access to macOS systems, enforcing strict access controls and monitoring for unauthorized local logins. 3. Use macOS security tools to audit and monitor the /var/db/auth.db authorization database for unauthorized changes or overly permissive rights registrations. 4. Employ endpoint detection and response (EDR) solutions to detect anomalous process executions or privilege escalation attempts related to the com.epson.InstallNavi.helper tool. 5. Implement application whitelisting to prevent unauthorized execution of the vulnerable helper tool or related components. 6. Educate users about the risks of local access and enforce least privilege principles to minimize the number of users with local login capabilities. 7. Monitor security advisories from EPSON and macOS vendors for updates and promptly apply patches once released.