CVE-2025-65841
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-03

Last updated on: 2025-12-18

Assigner: MITRE

Description
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-03
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-03
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65841
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
acustica-audio aquarius 3.0.069
acustica_audio aquarius_desktop *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in a local settings file using a weak obfuscation method. The password is encrypted with a predictable byte-substitution that can be easily reversed, allowing anyone who can read the file to recover the plaintext password immediately.

Impact Analysis

An attacker who can access the settings file can fully compromise the victim's Aquarius account by importing the stolen configuration or logging in through the vendor website. This leads to complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform actions authenticated as the user.

Detection Guidance

You can detect this vulnerability by checking for the presence of the file '~/Library/Application Support/Aquarius/aquarius.settings' on macOS systems. Since the password is stored in this file using a weak obfuscation scheme, inspecting the contents of this file can reveal if sensitive credentials are exposed. A command to check for the file and view its contents is: 'cat ~/Library/Application\ Support/Aquarius/aquarius.settings'.

Mitigation Strategies

Immediate mitigation steps include restricting access permissions to the '~/Library/Application Support/Aquarius/aquarius.settings' file to prevent unauthorized reading, such as using 'chmod 600' on the file. Additionally, avoid storing sensitive credentials in this file or use alternative secure storage methods. If possible, change your Aquarius account password and monitor for unauthorized access. Contact the vendor for updates or patches addressing this issue.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65841. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart