CVE-2025-25364
Unknown Unknown - Not Provided
Command Injection in Speedify VPN me.connectify.SMJobBlessHelper Service

Publication date: 2025-12-23

Last updated on: 2025-12-23

Assigner: MITRE

Description
A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-23
Last Modified
2025-12-23
Generated
2026-06-16
AI Q&A
2025-12-23
EPSS Evaluated
2026-06-15
NVD
CVE-2025-25364
EUVD
EUVD-2025-204839
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
connectify speedify 15.2
connectify speedify *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-25364 is a critical command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN versions up to 15.0.0 installed outside the Mac App Store. The vulnerability arises because the XPC Message Handler accepted messages without proper validation, the _handleLaunchSpeedifyMsg function extracted command parameters directly from user input without sanitization, and the _RunSystemCmd function executed shell commands with root privileges based on these parameters. This allowed attackers to inject and execute arbitrary shell commands with root-level privileges, potentially leading to full system compromise. [1]

Impact Analysis

This vulnerability can allow an attacker to execute arbitrary commands on your system with root-level privileges, which means they could take full control of your system. This could lead to unauthorized access, data theft, system manipulation, installation of malware, or complete system compromise. Users running vulnerable versions of Speedify on macOS outside the App Store are at risk and should upgrade immediately. [1]

Detection Guidance

You can detect this vulnerability by checking if Speedify VPN is installed on your macOS system outside the Mac App Store and verifying the version number. Vulnerable versions are those prior to 15.2. To check the version, open the Speedify application and look in the settings menu. There are no specific network or system commands provided to detect exploitation attempts or the presence of the vulnerable service. Users should look for Speedify versions older than 15.2 to identify if they are at risk. [1]

Mitigation Strategies

Immediately upgrade Speedify VPN to version 15.2 or later (with 15.5 being the latest as of April 22, 2025) if you have it installed outside the Mac App Store. Verify your software version via the application's settings menu. If you have used vulnerable versions for extended periods, consider changing your system passwords. Users who installed Speedify from the Mac App Store or on other platforms are not affected and do not need to take action. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-25364. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart