CVE-2025-54595 HIGH

CVE-2025-54595: Pearcleaner's unauthenticated access to privileged XPC helper allows root command execution

Vendor Alienator88

Product Pearcleaner

Weakness CWE-78

Published August 1, 2025

Last update August 1, 2025

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper tool bundled with the Pearcleaner application. It is registered and activated only after the user approves a system prompt to allow privileged operations. Upon approval, the helper is configured as a LaunchDaemon and runs with root privileges. In versions 4.4.0 through 4.5.1, the helper registers an XPC service (com.alienator88.Pearcleaner.PearcleanerHelper) and accepts unauthenticated connections from any local process. It exposes a method that executes arbitrary shell commands. This allows any local unprivileged user to escalate privileges to root once the helper is approved and active. This issue is fixed in version 4.5.2.

Key dates

02Disclosure timeline

August 1, 2025 CVE published

August 1, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-54595

Related vulnerabilities

CVE-2025-54595: Pearcleaner's unauthenticated access to privileged XPC helper allows root command execution

01Description

02Disclosure timeline

03References

04Related CVE