TCC Bypass via misconfigured Node fuses in Nozbe_CVE-2025-53813

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Description

The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions.
Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission.

This issue was fixed in version 2025.11 of Nozbe.

Basic Information

ID CVE-2025-53813

Source CERT-PL

Published Aug 26, 2025 at 12:22

Affected Product

Vendor Nozbe

Product Nozbe

Affected Versions Nozbe Nozbe 0

CWE Classification

CWE-276

References

{
    "lastseen": "",
    "description": "The configuration of Nozbe on macOS, specifically the \"RunAsNode\" fuse enabled, allows a\u00a0local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions.\u00a0\nAcquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission.\n\nThis issue was fixed in version 2025.11 of Nozbe.",
    "published": "2025-08-26T12:22:57.545Z",
    "modified": "2025-08-26T12:22:57.545Z",
    "type": "cve",
    "title": "TCC Bypass via misconfigured Node fuses in Nozbe",
    "source": "CERT-PL",
    "references": "https://cert.pl/en/posts/2025/08/tcc-bypass/\nhttps://nozbe.com/",
    "id": "CVE-2025-53813",
    "bulletinFamily": "",
    "cwe": [
        "CWE-276"
    ],
    "cvelist": null,
    "sourceData": "Nozbe Nozbe 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Nozbe",
    "version": "0",
    "vendor": "Nozbe",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}