Remote Code Execution Vulnerability in NiceHash QuickMiner Software
CVE-2025-56513

9.8 CRITICAL

Key Information:

Vendor: NiceHash

CVE Published: 30 September 2025

Badges

👾 Exploit Exists, 🟡 Public PoC

What is CVE-2025-56513?

A significant vulnerability in NiceHash QuickMiner version 6.12.0 allows for remote code execution through unverified software updates. The application performs updates over HTTP without validating digital signatures or implementing hash checks. This flaw can be exploited by an attacker who redirects traffic to the update URL, enabling them to hijack the update process and deliver malicious executables that are automatically executed on the victim's system. This represents a dangerous supply chain attack vector that can have severe consequences for users.
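The checks the description says are missing, shown as an added defensive example (not NiceHash code and not from the advisory): an update gate that requires a signed manifest, an HTTPS download location, and a matching payload digest before anything is executed. The manifest format, URL, key and payloads are assumptions constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// verifyUpdate gates execution of a downloaded update. The manifest format
// "<url> <sha256-hex>" is a hypothetical one chosen for this example.
func verifyUpdate(pub ed25519.PublicKey, manifest, sig, payload []byte) error {
	// 1. The manifest must be signed by the key pinned in the installed client.
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, manifest, sig) {
		return errors.New("manifest signature invalid")
	}
	// 2. The download location must be present and use HTTPS, never plain HTTP.
	loc, digest, found := strings.Cut(string(manifest), " ")
	if !found || !strings.HasPrefix(loc, "https://") {
		return errors.New("update URL missing or not https")
	}
	// 3. The payload must match the digest carried in the signed manifest.
	got := sha256.Sum256(payload)
	if hex.EncodeToString(got[:]) != strings.ToLower(digest) {
		return errors.New("payload digest mismatch")
	}
	return nil
}

// demo runs the gate over a constructed key pair, manifest and payloads.
func demo() (ok, swapped, tampered, plainHTTP error) {
	seed := sha256.Sum256([]byte("constructed demo seed")) // 32-byte seed
	priv := ed25519.NewKeyFromSeed(seed[:])
	pub := priv.Public().(ed25519.PublicKey)
	payload := []byte("constructed update binary")
	sum := sha256.Sum256(payload)
	manifest := "https://updates.example.invalid/setup.exe " + hex.EncodeToString(sum[:])
	sig := ed25519.Sign(priv, []byte(manifest))
	ok = verifyUpdate(pub, []byte(manifest), sig, payload)
	swapped = verifyUpdate(pub, []byte(manifest), sig, []byte("substituted binary"))
	httpM := []byte(strings.Replace(manifest, "https://", "http://", 1))
	tampered = verifyUpdate(pub, httpM, sig, payload) // manifest altered in transit
	plainHTTP = verifyUpdate(pub, httpM, ed25519.Sign(priv, httpM), payload)
	return
}

func main() { fmt.Println(demo()) }
```

The signature check comes first so that a manifest rewritten on the network path is rejected before its URL or digest is trusted.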

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
