Path Traversal Vulnerability in usbmuxd by Apple
CVE-2025-66004

5.1MEDIUM

Key Information:

Vendor: Libimobiledevice
Status: Usbmuxd
Vendor: CVE Published:; 10 December 2025

🔔 Create Libimobiledevice Vulnerability Alert

What is CVE-2025-66004?

A Path Traversal vulnerability in usbmuxd allows local users to gain unauthorized access by escalating privileges to the service user. This affects versions prior to 3ded00c9985a5108cfc7591a309f9a23d57a8cba, posing a significant security risk that enables malicious local users to execute actions as a more privileged system user.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

usbmuxd 0 < 3ded00c9985a5108cfc7591a309f9a23d57a8cba

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66004

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Dec 10, 2025
Vulnerability Reserved
Nov 19, 2025

Credit

Wolfgang Frisch of SUSE

JSON

Libimobiledevice

What is CVE-2025-66004?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.