CNNVD-202512-367 Information
Dec 03, 2025
cve
CNNVD ID
CNNVD-202512-367
Related CVE
- CNNVD Published: 2025-12-03
Description (Chinese)
Plugin Alliance Installation Manager是美国Plugin Alliance公司的一个插件管理器。 Plugin Alliance Installation Manager v1.4.0版本存在安全漏洞,该漏洞源于InstallationHelper服务接受未经验证的XPC连接,可能导致本地用户执行任意命令。
Description (English)
Plugin Alliance Establishment Manager is a plugin manager for the United States company Plugin Alliance. There is a security loophole in the version of Plugin Alliance Construction Manager v1.4.0, which originates from the fact that the Installation Helper service receives uncertified XPC connections, which may lead local users to execute arbitrary orders.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Plugin Alliance
Published
2025-12-03
Last Modified
2026-02-24
References
https://almightysec.com/plugin-alliance-helpertool-xpc-service-local-privilege-escalation/
Share on: