Vulnerability Database

320,419

Total vulnerabilities in the database

CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls.

Published: Jan 29, 2026
Updated: Jan 30, 2026
CVE: CVE-2025-69604
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

http://shirt.com
https://shirt-pocket.com/SuperDuper/SuperDuperDescription.html
https://www.shirtpocket.com/blog/index.php/shadedgrey/comments/superduper_v312_now_available

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo