CNNVD-202512-068 Information
CNNVD ID
CNNVD-202512-068
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
Shirt Pocket SuperDuper!是Shirt Pocket公司的一个macOS系统中的数据备份、磁盘克隆和恢复工具。 Shirt Pocket SuperDuper! 3.10及之前版本存在安全漏洞,该漏洞源于本地攻击者可修改默认任务模板以root权限执行任意预检脚本,可能绕过macOS隐私控制。
Description (English)
Shirt Pocket SuperDuper! is a data backup, disk cloning and recovery tool in a MacOS system of Shirt Pocket. There is a security gap in the Shirt Pocket SuperDuper! 3.10 and earlier versions, which stems from the fact that local assailants can modify the default task template to execute random pre-screening scripts with root privileges, possibly bypassing MacOS privacy controls.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Shirt Pocket
Published
2025-12-01
Last Modified
2026-02-24
References
http://shirt.com https://shirt-pocket.com/SuperDuper/SuperDuperDescription.html https://www.shirtpocket.com/blog/index.php/shadedgrey/comments/superduper_security_update_v311/ https://access.redhat.com/security/cve/cve-2025-61229
Patch
https://www.shirt-pocket.com/SuperDuper/SuperDuperDescription.html
Share on: