Electron Capture is Vulnerable to TCC Bypass via Misconfigured Node...

5.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

Electron Capture facilitates video playback for screen-sharing and capture. In versions 2.19.1 and below, the elecap app on macOS allows local unprivileged users to bypass macOS TCC privacy protections by enabling ELECTRON_RUN_AS_NODE. This environment variable allows arbitrary Node.js code to be executed via the -e flag, which runs inside the main Electron context, inheriting any previously granted TCC entitlements (such as access to Documents, Downloads, etc.). This issue is fixed in version 2.20.0.

Basic Information

ID CVE-2025-54871

Source GitHub_M

Published Aug 5, 2025 at 00:03

Modified Aug 5, 2025 at 14:55

Affected Product

Vendor steveseguin

Product electroncapture

Version < 2.20.0

Affected Versions steveseguin electroncapture < 2.20.0

CWE Classification

CWE-284

References

{
    "lastseen": "",
    "description": "Electron Capture facilitates video playback for screen-sharing and capture. In versions 2.19.1 and below, the elecap app on macOS allows local unprivileged users to bypass macOS TCC privacy protections by enabling ELECTRON_RUN_AS_NODE. This environment variable allows arbitrary Node.js code to be executed via the -e flag, which runs inside the main Electron context, inheriting any previously granted TCC entitlements (such as access to Documents, Downloads, etc.). This issue is fixed in version 2.20.0.",
    "published": "2025-08-05T00:03:09.902Z",
    "modified": "2025-08-05T14:55:27.686Z",
    "type": "cve",
    "title": "Electron Capture is Vulnerable to TCC Bypass via Misconfigured Node Fuses (macOS)",
    "source": "GitHub_M",
    "references": "https://github.com/steveseguin/electroncapture/security/advisories/GHSA-8849-p3j4-jq4h\nhttps://github.com/steveseguin/electroncapture/commit/3837f54e75911bb99fa45cfa138a5e401d16f531\nhttps://github.com/steveseguin/electroncapture/releases/tag/2.20.0",
    "id": "CVE-2025-54871",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "steveseguin electroncapture < 2.20.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "electroncapture",
    "version": "< 2.20.0",
    "vendor": "steveseguin",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Electron Capture is Vulnerable to TCC Bypass via Misconfigured Node Fuses (macOS)_CVE-2025-54871