CVE-2025-5995

| EUVD-2025-19237 MEDIUM
2025-06-26 4586e0a2-224d-4f8a-9cb4-8882b208c0b3
4.6
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None

Lifecycle Timeline

3
Analysis Generated
Mar 15, 2026 - 23:54 vuln.today
EUVD ID Assigned
Mar 15, 2026 - 23:54 euvd
EUVD-2025-19237
CVE Published
Jun 26, 2025 - 20:15 nvd
MEDIUM 4.6

Tags

Privilege Escalation macOS

Description

Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper directory permissions vulnerability. Exploitation of this vulnerability requires administrator access by a malicious user. An attacker could modify the directory, potentially resulting in code execution and ultimately leading to privilege escalation.

Analysis

Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper directory permissions vulnerability. Exploitation of this vulnerability requires administrator access by a malicious user. An attacker could modify the directory, potentially resulting in code execution and ultimately leading to privilege escalation.

Technical Context

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Incorrect Permission Assignment for Critical Resource (CWE-732).

Remediation

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

Priority Score

23
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +23
POC: 0

Share

CVE-2025-5995 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy