PT-2025-3121 · Termius · Termius
Published
2025-01-15
·
Updated
2025-01-31
·
CVE-2024-55503
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
termius versions prior to 9.9.0
Description
An issue in termius allows a local attacker to execute arbitrary code via a crafted script to the
DYLD INSERT LIBRARIES component. This enables the attacker to manipulate the script and gain unauthorized access.Recommendations
For versions prior to 9.9.0, update to version 9.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the
DYLD INSERT LIBRARIES component to minimize the risk of exploitation.Exploit
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Termius