CVE-2026-11626

Vulnerability

The CleanWipe Removal Tool for macOS, versions prior to 16.0.0.65, is susceptible to a local privilege escalation vulnerability. This issue allows an attacker with limited privilege access on an affected system to escalate their privileges to gain administrative control [1].

Exploitation

An attacker with limited privilege access on an affected system can exploit this vulnerability. The exact conditions and sequence of steps required for exploitation are not detailed in the available references, but it involves leveraging the limited privileges to escalate to administrative control [1].

Impact

Successful exploitation of this vulnerability allows an attacker to escalate their privileges from limited access to full administrative control over the affected macOS system. This grants the attacker the highest level of privilege on the system [1].

Mitigation

An update, MacOS_CleanWipe_EA_16.0.0.65, has been released to address this issue. The latest version of the CleanWipe Removal tool can be obtained via the "Download the CleanWipe removal tool to uninstall Endpoint Protection" knowledge base article. Broadcom also recommends restricting administrative access, remote access, running under least privilege, keeping systems updated, and employing multi-layered security and intrusion detection systems [1].