Vulnerabilities chain leading to privilege escalation
Medium
Nord Security
Team Summary
Official summary from Nord Security
The researcher provided us with a chain of 5 vulnerabilities. By chaining all of them together, the attacker is able to establish a valid XPC connection with the privileged helper. Then, the attacker is able to send a message to open a binary located in the controlled location that has a symlink. Since the privileged helper resolves a tiny symlink, by constantly swapping the symlink between NordVPN and a malicious file, the attacker is able to win a race condition (TOCTOU) and execute a malicious file within the scope of root permissions.
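The check-then-use gap named in the summary, shown beside a descriptor-based check, as an added generic POSIX example (not NordVPN's code or its fix). All function names, file names and the temp-directory layout are hypothetical and constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Path check: stat() follows symlinks, so it describes the link's current
   target, not what a later open() or exec of the same path will reach. */
static int path_is_trusted(const char *path, const struct stat *want) {
    struct stat st;
    return stat(path, &st) == 0 && st.st_dev == want->st_dev && st.st_ino == want->st_ino;
}

/* Hardened: open once, refuse a symlink as the final component, then verify
   the object behind the descriptor. Caller uses the returned fd, never the path. */
static int open_pinned(const char *path, const struct stat *want) {
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_dev != want->st_dev || st.st_ino != want->st_ino) { close(fd); return -1; }
    return fd;
}

static void touch(const char *p) { close(open(p, O_WRONLY | O_CREAT | O_EXCL, 0600)); }
/* Constructed scenario in a temp dir: the link is repointed between check and use.
   Result bits: 1 = path check passed, 2 = later path open reached the other file,
   4 = open_pinned refused the link, 8 = open_pinned accepted the trusted file. */
int toctou_demo(void) {
    char dir[] = "/tmp/toctou-XXXXXX", good[64], other[64], lnk[64];
    struct stat want, got;
    int r = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(good, sizeof good, "%s/trusted", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    touch(good); touch(other);
    if (stat(good, &want) != 0 || symlink(good, lnk) != 0) return -1;
    if (path_is_trusted(lnk, &want)) r |= 1;                    /* check */
    if (unlink(lnk) != 0 || symlink(other, lnk) != 0) return -1; /* swap in the window */
    fd = open(lnk, O_RDONLY);                                   /* use, by path */
    if (fd >= 0 && fstat(fd, &got) == 0 && got.st_ino != want.st_ino) r |= 2;
    if (fd >= 0) close(fd);
    if (open_pinned(lnk, &want) < 0) r |= 4;
    if ((fd = open_pinned(good, &want)) >= 0) { r |= 8; close(fd); }
    unlink(lnk); unlink(good); unlink(other); rmdir(dir);
    return r;
}
int main(void) { printf("result bits: %d\n", toctou_demo()); return 0; }
```

`O_NOFOLLOW` only rejects a symlink in the final path component, so the verification that matters is the `fstat()` on the descriptor that is then actually used.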
Reported by: r3ggi-on-h1
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Privilege Escalation