CVE-2025-25364
Command Injection in Speedify VPN me.connectify.SMJobBlessHelper Service
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| connectify | speedify | 15.2 |
| connectify | speedify | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-25364 is a critical command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN versions up to 15.0.0 installed outside the Mac App Store. The vulnerability arises because the XPC Message Handler accepted messages without proper validation, the _handleLaunchSpeedifyMsg function extracted command parameters directly from user input without sanitization, and the _RunSystemCmd function executed shell commands with root privileges based on these parameters. This allowed attackers to inject and execute arbitrary shell commands with root-level privileges, potentially leading to full system compromise. [1]
How can this vulnerability impact me?
This vulnerability can allow an attacker to execute arbitrary commands on your system with root-level privileges, which means they could take full control of your system. This could lead to unauthorized access, data theft, system manipulation, installation of malware, or complete system compromise. Users running vulnerable versions of Speedify on macOS outside the App Store are at risk and should upgrade immediately. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if Speedify VPN is installed on your macOS system outside the Mac App Store and verifying the version number. Vulnerable versions are those prior to 15.2. To check the version, open the Speedify application and look in the settings menu. There are no specific network or system commands provided to detect exploitation attempts or the presence of the vulnerable service. Users should look for Speedify versions older than 15.2 to identify if they are at risk. [1]
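The answer above gives no commands, so here is an added defender-side check (example code, not from the advisory or from Connectify) that applies the stated affected set: a version below 15.2 installed outside the Mac App Store. It assumes the bundle lives at /Applications/Speedify.app, that the version is in CFBundleShortVersionString of its Info.plist, and that App Store installs carry Contents/_MASReceipt/receipt.

```shell
#!/bin/sh
# Added example: classify a macOS Speedify install against CVE-2025-25364.
# Assumptions (not stated on the advisory page): app bundle path, the
# CFBundleShortVersionString key, and _MASReceipt/receipt as the App Store marker.

FIXED_VERSION="15.2"   # first fixed version named on the page

# version_lt A B: succeed (return 0) when A is older than B.
# Compares only major.minor as numbers, which is enough for 15.x releases.
version_lt() {
  a_major=${1%%.*}; a_rest=${1#*.}; [ "$a_rest" = "$1" ] && a_rest=0
  b_major=${2%%.*}; b_rest=${2#*.}; [ "$b_rest" = "$2" ] && b_rest=0
  a_minor=${a_rest%%.*}; b_minor=${b_rest%%.*}
  [ "$a_major" -lt "$b_major" ] ||
    { [ "$a_major" -eq "$b_major" ] && [ "$a_minor" -lt "$b_minor" ]; }
}

# classify_install VERSION ORIGIN -> vulnerable | patched | not-affected | unknown
# ORIGIN is "appstore" or "direct". Pure function so it can be tested offline.
classify_install() {
  version="$1"; origin="$2"
  if [ "$origin" = "appstore" ]; then
    echo "not-affected"; return 0          # App Store builds are out of scope
  fi
  case "$version" in
    ''|*[!0-9.]*) echo "unknown"; return 0 ;;   # refuse to guess on bad input
  esac
  if version_lt "$version" "$FIXED_VERSION"; then
    echo "vulnerable"
  else
    echo "patched"
  fi
}

# check_speedify_bundle [APP_PATH]: read version and origin from a real bundle.
check_speedify_bundle() {
  app="${1:-/Applications/Speedify.app}"
  [ -d "$app" ] || { echo "not-installed"; return 0; }
  ver=$(defaults read "$app/Contents/Info.plist" CFBundleShortVersionString 2>/dev/null) || ver="unknown"
  if [ -f "$app/Contents/_MASReceipt/receipt" ]; then origin="appstore"; else origin="direct"; fi
  classify_install "$ver" "$origin"
}

# Usage on a Mac: check_speedify_bundle   (prints one of the four verdicts)
```

Run it on each Mac in scope and treat "vulnerable" as a trigger for the upgrade step in the next answer.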
What immediate steps should I take to mitigate this vulnerability?
Immediately upgrade Speedify VPN to version 15.2 or later (with 15.5 being the latest as of April 22, 2025) if you have it installed outside the Mac App Store. Verify your software version via the application's settings menu. If you have used vulnerable versions for extended periods, consider changing your system passwords. Users who installed Speedify from the Mac App Store or on other platforms are not affected and do not need to take action. [1]