CNNVD-202512-3438 Information

Dec 18, 2025 cve

CNNVD ID

CNNVD-202512-3438

CVE-2025-64723

  • CNNVD Published: 2025-12-18

Description (Chinese)

Arduino IDE是Arduino开源的一个开发工具。 Arduino IDE 2.3.7之前版本存在安全漏洞,该漏洞源于安全权限配置不当,可能导致绕过macOS硬化运行时保护。

Description (English)

Arduino IDE is an open source development tool for Arduino. A previous version of Artino IDE 2.3.7 had a security loophole, which stemmed from the inappropriate configuration of security clearances, which could lead to the use of macOS as a back-up protection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Arduino

Published

2025-12-18

Last Modified

2026-02-24

References

https://support.arduino.cc/hc/en-us/articles/24329484618652-ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities https://github.com/arduino/arduino-ide/pull/2805/commits/2f7667136ee95ce07dde23c49d2de526b45e3293 https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj https://github.com/arduino/arduino-ide/releases/tag/2.3.7 https://access.redhat.com/security/cve/cve-2025-64723

Patch

https://www.arduino.cc/en/software/

Share on: