216.73.216.86

CVE-2025-69604

· Published 29/01/2026 20:16 · Modified 29/01/2026 20:16

Labels: CVE-2025-69604 2026-01-29CVE-2025-69604[email protected]

Essential information

Published
29/01/2026 20:16
Modified
29/01/2026 20:16
Author
Creator
CISA KEV
No
CWE

Description

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
shirt pocket / superduper cpe:2.3:a:shirt_pocket:superduper:*:*:*:*:*:*:*:*

References