CVE-2025-43515

Summary

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
AppleCompressor0 < 4.11.1affected

Weaknesses

  • An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References