CVE-2025-15523
📋 TL;DR
The macOS version of Inkscape bundles a Python interpreter that inherits the application's TCC permissions. Attackers with local access can execute arbitrary commands through this interpreter, accessing privacy-protected files without user prompts. This affects macOS users running vulnerable Inkscape versions.
💻 Affected Systems
- Inkscape
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker with local access could access sensitive files in protected folders (Documents, Desktop, Downloads, etc.), potentially stealing personal data, credentials, or confidential information without user awareness.
Likely Case
Local attackers or malware could leverage this to access user files in TCC-protected locations, potentially leading to data exfiltration or privacy violations.
If Mitigated
With proper access controls and updated software, the risk is limited to authorized users only, preventing unauthorized file access.
🎯 Exploit Status
Exploitation requires local user access and knowledge of how to invoke the bundled Python interpreter with malicious commands.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.4.3
Vendor Advisory: https://inkscape.org/
Restart Required: Yes
Instructions:
1. Download Inkscape 1.4.3 or later from inkscape.org.
2. Install the new version, replacing the old one.
3. Restart your system to ensure changes take effect.
🔧 Temporary Workarounds
Remove TCC permissions
macOS: Revoke Inkscape's TCC permissions in System Settings to prevent access to protected folders.
Open System Settings > Privacy & Security > Files and Folders, then remove Inkscape's permissions.
Uninstall vulnerable version
macOS: Remove Inkscape until the patched version can be installed.
Drag Inkscape.app to Trash, then empty Trash.
🧯 If You Can't Patch
- Revoke Inkscape's TCC permissions in System Settings to limit access to protected folders.
- Restrict local user access to systems running vulnerable Inkscape versions.
🔍 How to Verify
Check if Vulnerable:
Check the Inkscape version in the About Inkscape dialog. If it is below 1.4.3, you are vulnerable.
Check Version:
Open Inkscape, go to Inkscape > About Inkscape
Verify Fix Applied:
After updating, verify version is 1.4.3 or higher in About Inkscape menu.
📡 Detection & Monitoring
Log Indicators:
- Unusual Python process execution from Inkscape bundle
- File access attempts to protected folders by Inkscape
Network Indicators:
- None: this is a local issue with no network component.
SIEM Query:
process_name:"python" AND parent_process_name:"Inkscape" AND command_line:"*"
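As an added example (not part of this advisory or of Inkscape), the detection logic above applied to constructed process-creation events. It implements the SIEM query as written and, going beyond it, a second rule that flags the bundled interpreter when its parent process is not Inkscape itself; the field names follow the query, and the bundle path is an assumption about a default install.

```python
import json
from typing import Iterator, List, Optional, Tuple

# Constructed sample process-creation events (JSON lines), not real telemetry.
SAMPLE_EVENTS = r'''
{"ts": "2025-06-01T10:00:01Z", "process_name": "python3", "parent_process_name": "Inkscape", "path": "/Applications/Inkscape.app/Contents/Resources/bin/python3", "command_line": "python3 extension.py"}
{"ts": "2025-06-01T10:00:05Z", "process_name": "python3", "parent_process_name": "Terminal", "path": "/Applications/Inkscape.app/Contents/Resources/bin/python3", "command_line": "python3 -c print(1)"}
{"ts": "2025-06-01T10:00:07Z", "process_name": "python3", "parent_process_name": "Terminal", "path": "/usr/bin/python3", "command_line": "python3 script.py"}
{"ts": "2025-06-01T10:00:09Z", "process_name": "Inkscape", "parent_process_name": "launchd", "path": "/Applications/Inkscape.app/Contents/MacOS/Inkscape", "command_line": "Inkscape"}
'''

INKSCAPE_BUNDLE = "/Applications/Inkscape.app/"  # assumed default install path


def parse_events(text: str) -> Iterator[dict]:
    """Yield one dict per non-empty JSON line; skip lines that do not parse."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def classify(event: dict) -> Optional[str]:
    """Return the name of the first matching rule, or None.

    bundle_python_foreign_parent: the interpreter inside Inkscape.app started by
    something other than Inkscape (the misuse the advisory describes).
    siem_query: the page's query, any python process whose parent is Inkscape.
    """
    is_python = event.get("process_name", "").startswith("python")
    parent = event.get("parent_process_name", "")
    in_bundle = event.get("path", "").startswith(INKSCAPE_BUNDLE)
    if is_python and in_bundle and parent != "Inkscape":
        return "bundle_python_foreign_parent"
    if is_python and parent == "Inkscape":
        return "siem_query"
    return None


def find_hits(text: str) -> List[Tuple[str, str]]:
    """Return (timestamp, rule) pairs for matching events, in input order."""
    hits = []
    for ev in parse_events(text):
        rule = classify(ev)
        if rule:
            hits.append((ev.get("ts", ""), rule))
    return hits


if __name__ == "__main__":
    for ts, rule in find_hits(SAMPLE_EVENTS):
        print(ts, rule)
```

Inkscape's own extensions are Python scripts, so the page's query also fires on routine extension runs; the foreign-parent rule is the lower-noise signal to alert on, with the query kept for hunting.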