Privilege Escalation Vulnerability in Pearcleaner by Alienator88
CVE-2025-54595

7.3HIGH

Key Information:

Vendor
CVE Published:
1 August 2025

What is CVE-2025-54595?

A vulnerability within the Pearcleaner application permits local unprivileged users to escalate their privileges to root level after the PearcleanerHelper has been approved and activated. This occurs due to the helper's XPC service, which accepts unauthenticated connections, allowing arbitrary shell command execution by local processes. The issue has been addressed in version 4.5.2, emphasizing the importance of updating to enhance system security.

Affected Version(s)

Pearcleaner >= 4.4.0, < 4.5.2

References

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.