Security Advisory

CVE-2025-1413

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-28 08:25:24

Last updated 2025-10-03 09:05:06

Assigner CERT-PL

State PUBLISHED

Description

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx). This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and applications can exploit this vulnerability for privilege escalation. This issue affects DaVinci Resolve on MacOS in versions before 19.1.3.

← Browse all CVEs View on cve.org ↗