CVE-2025-9474

Summary

A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used.

Affected Software

VendorProductVersion RangeStatus
MihomoParty1.8.0affected
MihomoParty1.8.1affected

Weaknesses

  • CWE-378: Creation of Temporary File With Insecure Permissions
  • CWE-377: Insecure Temporary File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References