CVE-2025-10751

7.8 HIGH

📋 TL;DR

MacForge 1.2.0 Beta 1 contains an insecure XPC service that allows local, unprivileged users to escalate privileges to root. This vulnerability enables attackers with local access to gain complete system control. Only users running this specific beta version are affected.

💻 Affected Systems

Products:
  • MacForge
Versions: 1.2.0 Beta 1
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific beta version; stable releases may not be vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with root-level persistence, data theft, and installation of backdoors or ransomware.

🟠 Likely Case

Local privilege escalation allowing attackers to bypass security controls, install unauthorized software, or access protected files.

🟢 If Mitigated

Limited impact if proper access controls and monitoring are in place, though privilege escalation remains possible.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring local access to the system.
🏢 Internal Only: HIGH - Any local user or compromised account can exploit this to gain root privileges.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access but is straightforward once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check for updates beyond 1.2.0 Beta 1

Vendor Advisory: https://github.com/MacEnhance/MacForge

Restart Required: Yes

Instructions:

1. Open MacForge.
2. Check for updates in preferences.
3. Install latest version.
4. Restart system.

🔧 Temporary Workarounds

Uninstall MacForge

Remove the vulnerable software entirely

sudo rm -rf /Applications/MacForge.app
sudo rm -rf ~/Library/Application\ Support/MacForge

Disable XPC Service

Prevent the vulnerable service from running

sudo launchctl unload /Library/LaunchDaemons/com.macenhance.MacForgeHelper.plist
sudo rm /Library/LaunchDaemons/com.macenhance.MacForgeHelper.plist

🧯 If You Can't Patch

  • Restrict local user access to systems running MacForge
  • Implement strict monitoring for privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check MacForge version in About dialog or run: defaults read /Applications/MacForge.app/Contents/Info.plist CFBundleShortVersionString

Check Version:

defaults read /Applications/MacForge.app/Contents/Info.plist CFBundleShortVersionString

Verify Fix Applied:

Verify that the version is not 1.2.0 Beta 1 and check that the XPC service is not running: sudo launchctl list | grep -i macforge
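
The checks above combined into one host audit, as an added example that is not part of the original advisory or the MacForge project. It assumes the affected build reports its version as exactly `1.2.0 Beta 1`; the function names, the filesystem-root argument and the status labels are this example's own.

```shell
#!/bin/sh
# Added example: classify one macOS host for the MacForge build named on this page.
# Paths are the page's; the root argument and status labels are this example's own.
APP_PLIST="Applications/MacForge.app/Contents/Info.plist"
DAEMON_PLIST="Library/LaunchDaemons/com.macenhance.MacForgeHelper.plist"
AFFECTED="1.2.0 Beta 1"  # assumption: the affected build reports exactly this string

# Print the app's CFBundleShortVersionString under filesystem root $1.
# Prints nothing if the app is absent, "unknown" if the plist cannot be read.
macforge_version() {
    plist="$1/$APP_PLIST"
    [ -f "$plist" ] || return 0
    if command -v defaults >/dev/null 2>&1; then
        v="$(defaults read "$plist" CFBundleShortVersionString 2>/dev/null)" || v=""
    else
        # No `defaults` (inspecting a mounted volume off-host): XML plists only.
        v="$(sed -n '/<key>CFBundleShortVersionString<\/key>/{n;s/.*<string>\(.*\)<\/string>.*/\1/p;}' "$plist")"
    fi
    echo "${v:-unknown}"
}

# Print one of: affected | other-version:<v> | orphaned-helper | not-installed
macforge_status() {
    root="${1:-}"
    ver="$(macforge_version "$root")"
    if [ "$ver" = "$AFFECTED" ]; then
        echo "affected"
    elif [ -n "$ver" ]; then
        echo "other-version:$ver"
    elif [ -e "$root/$DAEMON_PLIST" ]; then
        # The uninstall workaround deletes the app bundle but not this daemon plist.
        echo "orphaned-helper"
    else
        echo "not-installed"
    fi
}

# On a real Mac, as root (system daemons are not listed for other users), report.
if [ "$(uname)" = "Darwin" ] && [ "$(id -u)" -eq 0 ]; then
    echo "MacForge status: $(macforge_status "")"
    launchctl list | grep -i macforge || echo "helper not loaded in system domain"
fi
```

An `orphaned-helper` result means the app bundle is gone but the LaunchDaemon plist is still on disk, so the "Disable XPC Service" steps still need to be applied.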

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • MacForge XPC service activity from non-admin users

Network Indicators:

  • Local privilege escalation typically has minimal network indicators

SIEM Query:

process_name:"MacForge" AND event_type:"privilege_escalation"
