PT-2025-26297 · Unknown · The Phoenix Code

Karol Mazurek · Published 2025-06-20 · Updated 2026-01-21 · CVE-2025-5255

CVSS v4.0: 4.8 (Medium)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions: The Phoenix Code versions prior to the one containing commit 0c75fb57f89d0b7d9b180026bc2624b7dcf807da
Description: The issue lies in how The Phoenix Code is configured on macOS: the application carries certain entitlements that allow Dynamic Library (Dylib) injection. A local attacker with unprivileged access can inject code into the application's context, for example through environment variables such as DYLD_INSERT_LIBRARIES, and thereby bypass Transparency, Consent, and Control (TCC). The resource access gained is limited to permissions the user has previously granted; access to other resources requires user interaction with a system prompt.
Recommendations: Update to a version that includes the fix from commit 0c75fb57f89d0b7d9b180026bc2624b7dcf807da. As a temporary workaround, consider restricting the use of environment variables like DYLD_INSERT_LIBRARIES to minimize the risk of exploitation.
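
A defender-side check for the condition described above, as an added example (not from the advisory or from the Phoenix Code project): it parses an entitlements plist, such as the one `codesign -d --entitlements` dumps for an app bundle, and rates exposure to DYLD_INSERT_LIBRARIES. The advisory does not name the entitlements involved; the two Apple hardened-runtime exception keys used here are an assumption, the function name and risk labels are hypothetical, and the sample plists are constructed.

```python
import plistlib

# Hardened-runtime exception entitlements documented by Apple. The advisory
# does not name the entitlements involved; choosing these two is an assumption.
ALLOW_DYLD_ENV = "com.apple.security.cs.allow-dyld-environment-variables"
DISABLE_LIB_VALIDATION = "com.apple.security.cs.disable-library-validation"


def assess_dylib_injection(entitlements_xml: bytes) -> dict:
    """Rate an app's exposure to DYLD_INSERT_LIBRARIES from its entitlements.

    Assumes the binary is signed with the hardened runtime, so DYLD_*
    variables are ignored unless an entitlement re-enables them.
    """
    # codesign prints nothing when a binary carries no entitlements.
    ents = plistlib.loads(entitlements_xml) if entitlements_xml.strip() else {}
    if not isinstance(ents, dict):
        raise ValueError("entitlements plist must be a dictionary")
    # Only a literal boolean true grants the exception.
    dyld_env = ents.get(ALLOW_DYLD_ENV) is True
    unvalidated = ents.get(DISABLE_LIB_VALIDATION) is True

    if dyld_env and unvalidated:
        risk = "high"    # env var honoured and any library accepted
    elif dyld_env:
        risk = "medium"  # env var honoured, library signature still checked
    elif unvalidated:
        risk = "low"     # signature unchecked, but DYLD_* variables ignored
    else:
        risk = "none"
    present = [k for k, on in ((ALLOW_DYLD_ENV, dyld_env),
                               (DISABLE_LIB_VALIDATION, unvalidated)) if on]
    return {"risk": risk, "remove": present}


# Constructed sample plists (not taken from the Phoenix Code bundle).
SAMPLE_PERMISSIVE = plistlib.dumps({ALLOW_DYLD_ENV: True,
                                    DISABLE_LIB_VALIDATION: True,
                                    "com.apple.security.cs.allow-jit": True})
SAMPLE_HARDENED = plistlib.dumps({"com.apple.security.cs.allow-jit": True})

if __name__ == "__main__":
    for name, blob in (("permissive", SAMPLE_PERMISSIVE),
                       ("hardened", SAMPLE_HARDENED)):
        print(name, assess_dylib_injection(blob))
```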

Fix

Incorrect Default Permissions

Weakness Enumeration

Related identifiers

CVE-2025-5255

Affected products

The Phoenix Code