CVE-2025-69604
Essential information
- Published
- 29/01/2026 20:16
- Modified
- 29/01/2026 20:16
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| shirt pocket / superduper | cpe:2.3:a:shirt_pocket:superduper:*:*:*:*:*:*:*:* |