CVE-2025-5255

N/A Unknown
Published: June 20, 2025 Modified: January 21, 2026
View on NVD

Description

The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library (Dylib) injection. A local attacker with unprivileged access can use environment variables like DYLD_INSERT_LIBRARIES to successfully inject code in application's context andย bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission. This issue was fixed in commit 0c75fb57f89d0b7d9b180026bc2624b7dcf807da

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://cert.pl/en/posts/2025/06/tcc-bypass/
Source: cvd@cert.pl
https://github.com/phcode-dev/phoenix-desktop/commit/ab5d5ffd04fbbab770c1ef6250cd0ec5323289c2
Source: cvd@cert.pl
https://phcode.dev/
Source: cvd@cert.pl

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.0%
5th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-276

Related CVEs

CVE-2026-5104 6.3
CVE-2026-5103 6.3
CVE-2026-3124 7.5
CVE-2025-15036 9.6
CVE-2026-5102 6.3