CVE-2025-11921

Vulnerability Description

iStats contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via command injection.This issue affects iStats: 7.10.4.

Related Weaknesses (CWE)

CWE-732 CWE-77

References

https://bjango.com/mac/istatmenus/
https://cdn.istatmenus.app/files/istatmenus7/versions/iStatMenus7.10.6.zip
https://fluidattacks.com/advisories/muse

FAQ

What is CVE-2025-11921?

CVE-2025-11921 is a documented vulnerability. iStats contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via command injection.This issue affects iStats: 7.10.4.

How severe is CVE-2025-11921?

CVSS scoring is not yet available for CVE-2025-11921. Check NVD for updates.

Is there a patch for CVE-2025-11921?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.