CVE-2025-9815
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-09-02
EPSS Evaluated
2026-06-15
NVD
CVE-2025-9815
EUVD
EUVD-2025-26373
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
alaneuler batterykid to 2.1 (inc)
apple macos *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in batteryKid version 2.1 for macOS, where a root-privileged XPC helper service named "me.alaneuler.batteryKid.PrivilegeHelper" does not authenticate incoming connections. It uses NSXPCListener without validating clients, allowing any local process to connect without restriction. This means any local user or process can invoke privileged functions exposed by the helper, such as reading and writing System Management Controller (SMC) keys, which control hardware operations. [1]

Impact Analysis

The impact of this vulnerability is that any local user or process can gain unauthorized privileged access to hardware controls by exploiting the missing authentication in the PrivilegeHelper service. This can lead to unauthorized hardware manipulation, potentially compromising system integrity, confidentiality, and availability. [1]

Detection Guidance

This vulnerability can be detected by checking for the presence of the root-privileged XPC helper service named "me.alaneuler.batteryKid.PrivilegeHelper" on the macOS system. You can use commands to list running services and check for this specific helper. For example, use `launchctl list | grep me.alaneuler.batteryKid.PrivilegeHelper` to see if the vulnerable service is running. Additionally, inspecting the system for the batteryKid application version 2.1 or earlier can help identify affected installations. [1]

Mitigation Strategies

Immediate mitigation steps include disabling or unloading the vulnerable XPC helper service "me.alaneuler.batteryKid.PrivilegeHelper" to prevent unauthorized local connections. You can use `launchctl unload` to stop the service temporarily. Additionally, updating batteryKid to a version that patches this authentication issue or removing the application entirely will mitigate the risk. Restricting local user permissions to prevent untrusted processes from accessing this helper is also recommended. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9815. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart