CVE-2025-9815
BaseFortify
Publication date: 2025-09-02
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| alaneuler | batterykid | up to and including 2.1 |
| apple | macos | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in batteryKid version 2.1 for macOS, where a root-privileged XPC helper service named "me.alaneuler.batteryKid.PrivilegeHelper" does not authenticate incoming connections. It uses NSXPCListener without validating clients, allowing any local process to connect without restriction. This means any local user or process can invoke privileged functions exposed by the helper, such as reading and writing System Management Controller (SMC) keys, which control hardware operations. [1]
How can this vulnerability impact me?
The impact of this vulnerability is that any local user or process can gain unauthorized privileged access to hardware controls by exploiting the missing authentication in the PrivilegeHelper service. This can lead to unauthorized hardware manipulation, potentially compromising system integrity, confidentiality, and availability. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of the root-privileged XPC helper service named "me.alaneuler.batteryKid.PrivilegeHelper" on the macOS system. You can use commands to list running services and check for this specific helper. For example, use `launchctl list | grep me.alaneuler.batteryKid.PrivilegeHelper` to see if the vulnerable service is running. Additionally, inspecting the system for the batteryKid application version 2.1 or earlier can help identify affected installations. [1]
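The check described above as a script, added here as an example (it is not from BaseFortify or the batteryKid project). It matches the helper label exactly in `launchctl list` output and compares an installed version against the affected range; the function names and the sample output are constructed. It assumes the helper is loaded as a system daemon, so on a real host feed it `sudo launchctl list`, because without root the command lists only the calling user's jobs.

```shell
#!/bin/sh
# Added example: triage a Mac for the batteryKid helper from CVE-2025-9815.
# Function names and the sample launchctl output are constructed.
HELPER_LABEL="me.alaneuler.batteryKid.PrivilegeHelper"
MAX_AFFECTED="2.1"   # the page lists versions up to and including 2.1

# Reads `launchctl list` output (columns: PID, Status, Label) on stdin.
# Exact match on the label column avoids the substring hits grep would give.
helper_loaded() {
  awk -v label="$HELPER_LABEL" '$3 == label { found = 1 } END { exit !found }'
}

# Exit 0 if $1 <= MAX_AFFECTED, 1 if newer, 2 if not a dotted-numeric version.
version_affected() {
  printf '%s\n' "$1" | awk -v max="$MAX_AFFECTED" '
    !/^[0-9]+(\.[0-9]+)*$/ { exit 2 }
    {
      n = split($0, have, "."); m = split(max, lim, ".")
      for (i = 1; i <= n || i <= m; i++) {
        a = (i <= n) ? have[i] + 0 : 0
        b = (i <= m) ? lim[i] + 0 : 0
        if (a < b) exit 0
        if (a > b) exit 1
      }
      exit 0
    }'
}

# triage VERSION (launchctl output on stdin) -> prints one verdict word.
triage() {
  if helper_loaded; then loaded=1; else loaded=0; fi
  version_affected "$1" && rc=0 || rc=$?
  if [ "$loaded" -eq 1 ] && [ "$rc" -eq 0 ]; then echo "affected-helper-loaded"
  elif [ "$loaded" -eq 1 ]; then echo "helper-loaded-check-version"
  elif [ "$rc" -eq 0 ]; then echo "affected-version-helper-not-loaded"
  else echo "no-finding"; fi
}

# Constructed sample of `sudo launchctl list` output (tab-separated).
sample_launchctl_list() {
  printf 'PID\tStatus\tLabel\n'
  printf '%s\t0\t%s\n' - com.example.updater
  printf '%s\t0\t%s\n' 412 "$HELPER_LABEL"
}

# On a real host: sudo launchctl list | triage "<installed version>"
sample_launchctl_list | triage "2.1"
```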
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or unloading the vulnerable XPC helper service "me.alaneuler.batteryKid.PrivilegeHelper" to prevent unauthorized local connections. You can use `launchctl unload` to stop the service temporarily. Additionally, updating batteryKid to a version that patches this authentication issue or removing the application entirely will mitigate the risk. Restricting local user permissions to prevent untrusted processes from accessing this helper is also recommended. [1]