← volver
CVE-2025-55076

CVE-2025-55076

CVSS 6.2 MEDIUMEPSS 0.2%CWE-269
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
03 dic 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system(), which may allow a local user to execute arbitrary commands with root privileges.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
n/a · n/a