CVE-2025-15523
TCC Permission Bypass via Python Interpreter in Inkscape for macOS
Publication date: 2026-01-22
Last updated on: 2026-01-22
Assigner: CERT.PL
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| inkscape | inkscape | up to 1.4.3 (excluding) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows a local attacker to access files in privacy-protected folders without user consent prompts by leveraging previously granted TCC permissions. Such unauthorized access to protected user data could lead to violations of privacy regulations and standards like GDPR and HIPAA, which require strict controls and user consent for accessing personal and sensitive information. Therefore, the vulnerability potentially undermines compliance with these regulations by enabling covert access to protected data. [1]
Can you explain this vulnerability to me?
CVE-2025-15523 is a vulnerability in the macOS version of Inkscape where the bundled Python interpreter inherits the Transparency, Consent, and Control (TCC) permissions granted to the main application. This allows a local attacker with user access to run arbitrary commands or scripts using the interpreter, leveraging Inkscape's previously granted TCC permissions to access files in privacy-protected folders without triggering user prompts. If the attacker tries to access resources beyond those permissions, the system prompts the user for approval under Inkscape's name, potentially disguising the malicious intent. The issue is fixed in Inkscape version 1.4.3. [1]
How can this vulnerability impact me?
This vulnerability can allow a local attacker to access your files in privacy-protected folders without your knowledge or consent by exploiting the TCC permissions granted to Inkscape. The attacker can execute arbitrary commands or scripts, potentially leading to unauthorized data access or manipulation. Additionally, if the attacker tries to access other protected resources, the system prompts for approval under Inkscape's name, which could mislead you into approving malicious actions. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the macOS version of Inkscape bundling a Python interpreter that inherits the application's TCC permissions, allowing local attackers to execute arbitrary commands. Detection would involve checking whether the installed Inkscape version is prior to 1.4.3. You can check the Inkscape version by running the command: `inkscape --version`. Additionally, monitoring for unusual execution of the bundled Python interpreter within the Inkscape application bundle, or for unexpected access to privacy-protected folders without user prompts, may indicate exploitation attempts. However, no specific detection commands or network detection methods are provided in the available resources. [1]
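The version check described above, as an added example that is not part of the original record: it reads the installed bundle's version from its Info.plist and compares it against the fixed release 1.4.3. The bundle path /Applications/Inkscape.app and the use of PlistBuddy are assumptions about a default macOS install.

```shell
#!/bin/sh
# Added example (not from the advisory): reports whether an installed
# Inkscape.app predates the fixed release 1.4.3. Paths are assumptions.
FIXED_VERSION="1.4.3"

# version_lt A B -> true (0) when dotted version A is lower than B.
# Missing components count as 0; trailing non-numeric suffixes are ignored.
version_lt() {
  a="$1"; b="$2"; i=1
  while [ "$i" -le 3 ]; do
    x=$(printf '%s' "$a" | cut -d. -f"$i" | sed 's/[^0-9].*//')
    y=$(printf '%s' "$b" | cut -d. -f"$i" | sed 's/[^0-9].*//')
    x=${x:-0}; y=${y:-0}
    if [ "$x" -lt "$y" ]; then return 0; fi
    if [ "$x" -gt "$y" ]; then return 1; fi
    i=$((i + 1))
  done
  return 1
}

# is_vulnerable VERSION -> prints "yes" when VERSION is before 1.4.3, else "no".
is_vulnerable() {
  if version_lt "$1" "$FIXED_VERSION"; then echo yes; else echo no; fi
}

# installed_version [APP_PATH] -> CFBundleShortVersionString of the bundle,
# read with PlistBuddy (assumed present at /usr/libexec on macOS).
installed_version() {
  plist="${1:-/Applications/Inkscape.app}/Contents/Info.plist"
  [ -f "$plist" ] || return 1
  /usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$plist" 2>/dev/null
}

# Report on the default bundle if it exists; stay silent otherwise.
if v=$(installed_version "${1:-/Applications/Inkscape.app}"); then
  echo "Inkscape $v installed: vulnerable=$(is_vulnerable "$v")"
fi
```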
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update Inkscape to version 1.4.3 or later, as this version contains the fix for the vulnerability. Until the update is applied, restrict local user access to the system and monitor for suspicious activity involving Inkscape's bundled Python interpreter. Avoid running untrusted scripts or commands via that interpreter to reduce risk. [1]