A newly disclosed vulnerability dubbed “Daemon Ex Plist” allows attackers to escalate privileges from standard user to root access on macOS systems, exploiting a timing flaw in how the operating system handles daemon configuration files.
Security researcher Egor Filatov published details of the vulnerability on July 17, 2025, demonstrating how malicious actors can manipulate property list files to gain complete system control.
https://gbhackers.com/daemon-ex-plist-vulnerability/