whuan132 AIBattery com.collweb.AIBatteryHelper BatteryXPCService.swift missing authentication_CVE-2025-10672

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires a local approach. The exploit has been made public and could be used.

Basic Information

ID CVE-2025-10672

Source VulDB

Published Sep 18, 2025 at 14:32

Affected Product

Vendor whuan132

Product AIBattery

Version 1.0.0

Affected Versions whuan132 AIBattery 1.0.0
whuan132 AIBattery 1.0.1
whuan132 AIBattery 1.0.2
whuan132 AIBattery 1.0.3
whuan132 AIBattery 1.0.4
whuan132 AIBattery 1.0.5
whuan132 AIBattery 1.0.6
whuan132 AIBattery 1.0.7
whuan132 AIBattery 1.0.8
whuan132 AIBattery 1.0.9

CWE Classification

CWE-306 CWE-287

References

{
    "lastseen": "",
    "description": "A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires a local approach. The exploit has been made public and could be used.",
    "published": "2025-09-18T14:32:08.163Z",
    "modified": "2025-09-18T14:32:08.163Z",
    "type": "cve",
    "title": "whuan132 AIBattery com.collweb.AIBatteryHelper BatteryXPCService.swift missing authentication",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.324793\nhttps://vuldb.com/?ctiid.324793\nhttps://vuldb.com/?submit.653159\nhttps://github.com/SwayZGl1tZyyy/n-days/blob/main/AIBattery-Charge-Limiter/README.md\nhttps://github.com/SwayZGl1tZyyy/n-days/blob/main/AIBattery-Charge-Limiter/README.md#proof-of-concept",
    "id": "CVE-2025-10672",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306",
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "whuan132 AIBattery 1.0.0\nwhuan132 AIBattery 1.0.1\nwhuan132 AIBattery 1.0.2\nwhuan132 AIBattery 1.0.3\nwhuan132 AIBattery 1.0.4\nwhuan132 AIBattery 1.0.5\nwhuan132 AIBattery 1.0.6\nwhuan132 AIBattery 1.0.7\nwhuan132 AIBattery 1.0.8\nwhuan132 AIBattery 1.0.9",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AIBattery",
    "version": "1.0.0",
    "vendor": "whuan132",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}