CVE-2025-12792
📋 TL;DR
The Canva for Mac desktop app distributed through the Mac App Store was built without Apple's Hardened Runtime security feature. This allows a local attacker with unprivileged access to execute arbitrary code that inherits Canva's TCC permissions, potentially accessing protected resources like the camera, microphone, or files. Only Mac users who installed Canva from the Mac App Store before version 1.117.1 are affected.
💻 Affected Systems
- Canva for Mac
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker with local access could execute malicious code that inherits Canva's TCC permissions, potentially accessing sensitive user data (camera, microphone, files, contacts) or performing actions with Canva's privileges.
Likely Case
A malicious local user or malware could abuse this to escalate privileges and access protected resources that Canva has permission to use, potentially leading to data exfiltration or further system compromise.
If Mitigated
With proper access controls and updated software, the risk is limited to authorized users who might execute malicious payloads, but TCC permissions would still be inherited.
🎯 Exploit Status
Exploitation requires local access to the system and knowledge of how to inject code into the Canva process or replace its binaries.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.117.1
Vendor Advisory: https://trust.canva.com/?tcuUid=1e77a34b-f586-450b-b30d-b6e17d15b443
Restart Required: Yes
Instructions:
1. Open the Mac App Store.
2. Click on your profile picture.
3. Check for updates.
4. Update Canva to version 1.117.1 or later.
5. Restart the application.
🔧 Temporary Workarounds
Uninstall vulnerable version
Platform: macOS
Remove the vulnerable Canva application until it can be updated.
Drag Canva.app from Applications folder to Trash, then empty Trash
Restrict local access
Platform: all
Implement strict access controls to limit who can log into affected systems.
🧯 If You Can't Patch
- Remove Canva from systems where it's not essential
- Implement application allowlisting to prevent execution of unauthorized code
🔍 How to Verify
Check if Vulnerable:
Check Canva version in About Canva menu. If version is earlier than 1.117.1, you are vulnerable.
Check Version:
Open Canva, click 'Canva' in menu bar, select 'About Canva'
Verify Fix Applied:
Verify that the Canva version is 1.117.1 or later in the About Canva menu. Check that Hardened Runtime is enabled using: codesign -dv --verbose=4 /Applications/Canva.app
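The two manual checks above can be scripted. The following is an added example, not code from the advisory or from Canva: it reads the installed version from the bundle's Info.plist, runs the codesign command given above, and looks for the `runtime` name in the `flags=` field of the CodeDirectory line, which is where codesign reports the Hardened Runtime flag (note that `codesign -d` writes its report to stderr, so both streams are captured). The fixed version 1.117.1 and the default install path come from this page; the sample codesign reports and the bundle identifier in them are constructed placeholders.

```python
"""Check an installed macOS app's version and Hardened Runtime flag.

Added example (not from the advisory or from Canva). The fixed version is
the one stated in the advisory; the app path is the default install location.
"""
import plistlib
import re
import subprocess
from pathlib import Path

FIXED_VERSION = "1.117.1"               # first fixed release per the advisory
APP_PATH = "/Applications/Canva.app"    # default Mac App Store install location


def parse_version(text):
    """'1.117.1' -> (1, 117, 1); non-numeric fragments are ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def is_vulnerable_version(version, fixed=FIXED_VERSION):
    """True when the installed version predates the first fixed release."""
    return parse_version(version) < parse_version(fixed)


def hardened_runtime_enabled(codesign_output):
    """Parse `codesign -dv --verbose=4` output for the Hardened Runtime flag.

    The CodeDirectory line lists the signing flags as a hex value followed by
    comma-separated names, e.g. 'flags=0x10000(runtime)'. A build signed
    without Hardened Runtime has no 'runtime' name there (e.g. 'flags=0x0(none)').
    """
    for line in codesign_output.splitlines():
        match = re.search(r"\bflags=0x[0-9a-fA-F]+\(([^)]*)\)", line)
        if match:
            names = {n.strip() for n in match.group(1).split(",")}
            return "runtime" in names
    return False  # no flags line at all: treat as not hardened


def installed_version(app_path=APP_PATH):
    """Read CFBundleShortVersionString from the bundle's Info.plist."""
    with open(Path(app_path, "Contents", "Info.plist"), "rb") as fh:
        return plistlib.load(fh)["CFBundleShortVersionString"]


def codesign_report(app_path=APP_PATH):
    """Run codesign; `-d` writes its report to stderr, so capture both streams."""
    proc = subprocess.run(["codesign", "-dv", "--verbose=4", app_path],
                          capture_output=True, text=True, check=False)
    return proc.stdout + proc.stderr


def assess(version, signing_report, fixed=FIXED_VERSION):
    """Combine both checks; 'at_risk' is True if either check fails."""
    old = is_vulnerable_version(version, fixed)
    hardened = hardened_runtime_enabled(signing_report)
    return {"version": version, "version_predates_fix": old,
            "hardened_runtime": hardened, "at_risk": old or not hardened}


# Constructed codesign reports (placeholder identifier, not Canva's real one).
SAMPLE_UNHARDENED = """Executable=/Applications/Canva.app/Contents/MacOS/Canva
Identifier=com.example.placeholder
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20400 size=1024 flags=0x0(none) hashes=28+7 location=embedded
"""
SAMPLE_HARDENED = SAMPLE_UNHARDENED.replace("flags=0x0(none)",
                                            "flags=0x10000(runtime)")

if __name__ == "__main__":
    try:  # live check on a Mac with the app installed
        print(assess(installed_version(), codesign_report()))
    except (OSError, KeyError):
        print("app or codesign not available; showing the constructed samples")
        print(assess("1.116.0", SAMPLE_UNHARDENED))   # constructed version
        print(assess("1.117.1", SAMPLE_HARDENED))
```

An app can be on the fixed version yet still be reported as at risk if its signature lacks the runtime flag, which is why the version check alone is not sufficient; run the script from an unprivileged account, since neither check needs elevated rights.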
📡 Detection & Monitoring
Log Indicators:
- Unusual process execution from Canva directory
- Canva process spawning unexpected child processes
Network Indicators:
- Unexpected network connections originating from Canva process
SIEM Query:
process_name:"Canva" AND (process_child_count > 1 OR process_path_not:"/Applications/Canva.app/Contents/MacOS/Canva")
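The log indicators and SIEM query above can be expressed as two concrete rules and run over process telemetry. The following is an added example, not code from the advisory or from Canva, and not a query for any particular SIEM: it reads constructed JSON-lines process-start records (the field names and the in-bundle helper path are assumptions for illustration), flags a process named Canva whose executable is not the installed bundle's main binary, flags children of the genuine Canva process whose executable lives outside the app bundle, and reports the per-process child count the SIEM query keys on.

```python
"""Flag process events matching the advisory's detection indicators.

Added example, not from the advisory or from Canva. Input is constructed
JSON-lines process telemetry (one record per process start); field names
and the in-bundle helper path are assumptions for illustration.
"""
import json

CANVA_BINARY = "/Applications/Canva.app/Contents/MacOS/Canva"
# Children shipped inside the app bundle are treated as expected (assumption).
EXPECTED_CHILD_PREFIX = "/Applications/Canva.app/Contents/"

# Constructed sample telemetry; pids, paths and the Helper name are made up.
SAMPLE_EVENTS = """\
{"pid": 501, "ppid": 1,   "name": "Canva", "path": "/Applications/Canva.app/Contents/MacOS/Canva"}
{"pid": 502, "ppid": 501, "name": "Helper", "path": "/Applications/Canva.app/Contents/Frameworks/Helper.app/Contents/MacOS/Helper"}
{"pid": 503, "ppid": 501, "name": "sh", "path": "/bin/sh"}
{"pid": 504, "ppid": 501, "name": "osascript", "path": "/usr/bin/osascript"}
{"pid": 601, "ppid": 1,   "name": "Canva", "path": "/private/tmp/Canva"}
"""


def parse_events(text):
    """Parse JSON-lines telemetry, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def genuine_canva_pids(events):
    """Pids of Canva processes running from the installed bundle's binary."""
    return {e["pid"] for e in events
            if e["name"] == "Canva" and e["path"] == CANVA_BINARY}


def detect(events):
    """Return findings as (pid, reason) tuples, in event order.

    Rule 1: a process named Canva whose executable is not the bundle's main
            binary (a copy run from outside the installed bundle).
    Rule 2: a child of the genuine Canva process whose executable lives
            outside the app bundle.
    """
    canva_pids = genuine_canva_pids(events)
    findings = []
    for e in events:
        if e["name"] == "Canva" and e["path"] != CANVA_BINARY:
            findings.append((e["pid"], "canva_unexpected_path"))
        elif (e["ppid"] in canva_pids
              and not e["path"].startswith(EXPECTED_CHILD_PREFIX)):
            findings.append((e["pid"], "canva_unexpected_child"))
    return findings


def child_counts(events):
    """Number of children per genuine Canva process (what the SIEM query counts)."""
    counts = {pid: 0 for pid in genuine_canva_pids(events)}
    for e in events:
        if e["ppid"] in counts:
            counts[e["ppid"]] += 1
    return counts


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    for pid, reason in detect(evs):
        print(f"ALERT pid={pid} {reason}")
    print("children per Canva pid:", child_counts(evs))
```

Tune `EXPECTED_CHILD_PREFIX` to the helpers Canva legitimately spawns in your environment before alerting on rule 2, otherwise routine helper launches will page you; rule 1 is the higher-signal one because the genuine binary has exactly one expected path.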