CVE-2025-65842
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-03

Last updated on: 2025-12-18

Assigner: MITRE

Description
The Aquarius HelperTool (1.0.003) privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights with a NULL reference, causing all authorization checks to succeed. The executeCommand:authorization:withReply: method then interpolates attacker-controlled input into NSTask and executes it with root privileges. A local attacker can exploit these weaknesses to run arbitrary commands as root, create persistent backdoors, or obtain a fully interactive root shell.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-03
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-03
EPSS Evaluated
2026-06-14
NVD
CVE-2025-65842
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
acustica-audio aquarius_helpertool 1.0.003
acustica_audio aquarius_desktop *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Aquarius HelperTool (1.0.003) privileged XPC service on macOS. The service accepts connections from any local process without verifying the client's identity, and its authorization logic is flawed because it calls AuthorizationCopyRights with a NULL reference, causing all authorization checks to succeed. This allows a local attacker to execute arbitrary commands as root by injecting attacker-controlled input into NSTask, potentially leading to privilege escalation.

Impact Analysis

An attacker with local access can exploit this vulnerability to run arbitrary commands with root privileges, create persistent backdoors, or obtain a fully interactive root shell. This can lead to complete system compromise, unauthorized access to sensitive data, and loss of control over the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65842. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart