CVE-2025-62686 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on…
Medium CVSS: 6.2

CVE-2025-62686

A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a __RESTRICT segment, a local user may exploit the DYLD_INSERT_LIBRARIES environment variable to inject a dynamic library, potentially resulting in code execution with elevated privileges.
Vendor
Plugin-alliance
Product
Installation Manager
CWE
CWE-269
Yayın Tarihi
2025-12-03 17:15:52
Güncelleme
2025-12-18 20:53:14
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-269 Installation Manager MEDIUM Plugin-alliance 2025

Referanslar

https://almightysec.com/plugin-alliance-installationhelper-dylib-injection/