CVE-2025-5199
LPE on Multipass for macOS
In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate privileges by modifying files executed with administrative privileges by a Launch Daemon during system startup.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
Canonical · MultipassWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →