How to fix CVE-2025-65843?

Within 24 hours: Identify and inventory all macOS systems running Aquarius Desktop 3.0.069 and isolate affected machines from production networks if possible. Within 7 days: Disable the support data archive generation feature across all affected installations through configuration management or group policy; implement file system monitoring on ~/Library/Logs/Aquarius directories to detect suspicious symbolic link creation. Within 30 days: Contact Aquarius vendor for patch availability and timeline; evaluate alternative solutions or upgraded versions; plan and execute full remediation across the organization once patches are available.

Is Aquarius affected by CVE-2025-65843?

Aquarius Desktop 3.0.069 for macOS contains a critical file handling flaw that allows local attackers to access or modify sensitive files on affected systems.

CVE-2025-65843

EUVD-2025-200991 HIGH

2025-12-03 [email protected]

7.7

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 16:14 euvd

EUVD-2025-200991

Analysis Generated

Mar 15, 2026 - 16:14 vuln.today

PoC Detected

Dec 18, 2025 - 20:34 vuln.today

Public exploit code

CVE Published

Dec 03, 2025 - 17:15 nvd

HIGH 7.7

Description

Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the ~/Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius recursively enumerates logs using a JUCE directory iterator configured to follow symlinks, and later writes file data without validating whether the target is a symbolic link. A local attacker can exploit this behavior by planting symlinks to arbitrary filesystem locations, resulting in unauthorized disclosure or modification of arbitrary files. When chained with the associated HelperTool privilege escalation issue, root-owned files may also be exposed.

Analysis

Technical Context

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Improper Link Resolution Before File Access (CWE-59).

Affected Products

Affected products: Acustica-Audio Aquarius 3.0.069

Remediation

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: +20

CVE-2025-65843 vulnerability details – vuln.today

Back

CVE-2025-65843

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-65843

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code