Overview
CVE-2025-65843 identifies a high-severity insecure file handling vulnerability affecting Aquarius Desktop version 3.0.069 for macOS. This flaw stems from how the application generates support data archives, specifically in its handling of symbolic links within the user’s log directory. A local attacker can exploit this vulnerability to potentially read or modify arbitrary files on the system, especially when chained with other vulnerabilities like privilege escalation issues.
Technical Details
Aquarius Desktop’s support data archive generation feature recursively enumerates logs located in ~/Library/Logs/Aquarius. The application utilizes a JUCE directory iterator configured to follow symbolic links. Critically, the application fails to validate whether encountered files are symbolic links before writing their data to the support ZIP archive. An attacker can leverage this by creating symbolic links within the logs directory that point to sensitive files elsewhere on the system. When Aquarius Desktop builds the support ZIP, it will follow these symlinks and include the contents of the target files, regardless of their location or permissions (within the user’s access context). Furthermore, if the HelperTool privilege escalation issue is present, root-owned files could potentially be exposed.
CVSS Analysis
- CVE ID: CVE-2025-65843
- Published: 2025-12-03T17:15:54.457
- Severity: HIGH
- CVSS Score: 7.7
Possible Impact
A successful exploit of CVE-2025-65843 can lead to:
- Unauthorized Information Disclosure: Sensitive files on the system can be read by an attacker who gains access to the generated support archive.
- Arbitrary File Modification: In certain scenarios, attackers might be able to overwrite files via the symlink manipulation, potentially leading to system compromise.
- Privilege Escalation (Chained Exploit): When combined with other vulnerabilities (e.g., HelperTool privilege escalation), an attacker could potentially access and modify root-owned files.
Mitigation or Patch Steps
The recommended mitigation is to update Aquarius Desktop to a version that addresses this vulnerability. Specifically, the updated version should implement proper validation to ensure that symbolic links are not followed when building the support data archive. Users should also avoid placing any untrusted files or symbolic links in the ~/Library/Logs/Aquarius directory. Contact the software vendor for the latest patch or update information.
