CVE-2025-61228 – A local privilege escalation vulnerability in S... (How to Fix)

Q: What is the severity of CVE-2025-61228?

CVE-2025-61228 has a CVSS score of 7.8 (HIGH). A local privilege escalation vulnerability in Shirt Pocket SuperDuper! backup software allows attackers to execute arbitrary code through the software update mechanism. This affects users running version 3.10 and earlier on macOS systems. Attackers with local access can exploit this to gain elevated privileges.

📋 TL;DR

A local privilege escalation vulnerability in Shirt Pocket SuperDuper! backup software allows attackers to execute arbitrary code through the software update mechanism. This affects users running version 3.10 and earlier on macOS systems. Attackers with local access can exploit this to gain elevated privileges.

💻 Affected Systems

Products:

Shirt Pocket SuperDuper!

Versions: 3.10 and earlier

Operating Systems: macOS

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations of affected versions are vulnerable. The software update mechanism is typically enabled by default.

📦 What is this software?

Superduper\! by Shirt Pocket

View all CVEs affecting Superduper\! →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with root privileges, allowing installation of persistent malware, data theft, and complete control of the affected system.

🟠

Likely Case

Local privilege escalation leading to unauthorized software installation, data access, and lateral movement within the network.

🟢

If Mitigated

Limited impact if proper access controls and monitoring are in place, though local attackers could still gain elevated privileges.

🌐 Internet-Facing: LOW - This is a local attack vector requiring physical or remote access to the system.

🏢 Internal Only: HIGH - Local attackers on the same system can exploit this vulnerability to gain elevated privileges.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires local access to the system. The CWE-494 classification suggests download of code without integrity check.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.11

Vendor Advisory: https://www.shirtpocket.com/blog/index.php/shadedgrey/comments/superduper_security_update_v311/

Restart Required: Yes

Instructions:

1. Download SuperDuper! version 3.11 from the official website. 2. Install the update following the standard installation process. 3. Restart the system to ensure all components are updated.

🔧 Temporary Workarounds

Disable automatic updates

all

Prevent the vulnerable update mechanism from being triggered

Open SuperDuper! > Preferences > Updates > Uncheck 'Check for updates automatically'

Remove update privileges

all

Restrict write access to update directories

sudo chmod -R 755 /Applications/SuperDuper!.app/Contents/Resources/

🧯 If You Can't Patch

Restrict local access to systems running vulnerable versions
Implement strict privilege separation and monitor for unusual process execution

🔍 How to Verify

Check if Vulnerable:

Check SuperDuper! version in About dialog or run: defaults read /Applications/SuperDuper!.app/Contents/Info.plist CFBundleShortVersionString

Check Version:

defaults read /Applications/SuperDuper!.app/Contents/Info.plist CFBundleShortVersionString

Verify Fix Applied:

Verify version is 3.11 or higher using the same command

📡 Detection & Monitoring

Log Indicators:

Unusual process execution from SuperDuper! update directories
Failed update attempts with suspicious payloads

Network Indicators:

Unexpected outbound connections from SuperDuper! process during update checks

SIEM Query:

process_name:SuperDuper* AND (event_type:process_execution OR event_type:file_write) AND file_path:*update*

📊 Metadata

CVE ID: CVE-2025-61228

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-494

EPSS Score: 0.01% exploit probability (0.9th percentile)

Published: December 1, 2025

Last Updated: December 5, 2025

🔗 References

http://shirt.com Not Applicable
https://shirt-pocket.com/SuperDuper/SuperDuperDescription.html Product
https://www.shirtpocket.com/blog/index.php/shadedgrey/comments/superduper_security_update_v311/ Release Notes

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-61228, you might also want to check these: