CVE-2025-65843

Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the ~/Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius recursively enumerates logs using a JUCE directory iterator configured to follow symlinks, and later writes file data without validating whether the target is a symbolic link. A local attacker can exploit this behavior by planting symlinks to arbitrary filesystem locations, resulting in unauthorized disclosure or modification of arbitrary files. When chained with the associated HelperTool privilege escalation issue, root-owned files may also be exposed.

CVSS v3 7.7 HIGH

7.7^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://almightysec.com/insecure-file-handling-via-symlink/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:acustica-audio:aquarius:3.0.069:*:*:*:*:macos:*:*

History

18 Dec 2025, 20:34

Type	Values Removed	Values Added
First Time		Acustica-audio Acustica-audio aquarius
References	~~() https://almightysec.com/insecure-file-handling-via-symlink/ -~~	() https://almightysec.com/insecure-file-handling-via-symlink/ - Exploit, Third Party Advisory
CPE		cpe:2.3:a:acustica-audio:aquarius:3.0.069:::::macos::

03 Dec 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-03 17:15

Updated : 2025-12-18 20:34

NVD link : CVE-2025-65843

Mitre link : CVE-2025-65843

CVE.ORG link : CVE-2025-65843

JSON object : View

Products Affected

acustica-audio

aquarius

CWE

CWE-59

Improper Link Resolution Before File Access ('Link Following')

7.7 /10