CVE-2025-66004
📋 TL;DR
A path traversal vulnerability in usbmuxd allows local users to escalate privileges to the service user account. This affects systems running vulnerable versions of usbmuxd, primarily Linux distributions that include this USB multiplexing daemon. Attackers must have local access to exploit this vulnerability.
💻 Affected Systems
- usbmuxd
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to the usbmuxd service user, potentially allowing further system compromise if the service user has elevated permissions.
Likely Case
Local user gains usbmuxd service user privileges, enabling unauthorized access to USB device management functions.
If Mitigated
Minimal impact with proper access controls and service isolation in place.
🎯 Exploit Status
Exploitation requires local access and knowledge of path traversal techniques. No public exploit code has been identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version including commit 3ded00c9985a5108cfc7591a309f9a23d57a8cba or later
Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/12/msg00027.html
Restart Required: Yes
Instructions:
1. Update the usbmuxd package from your distribution's repository.
2. Restart the usbmuxd service.
3. For Debian-based systems: sudo apt update && sudo apt upgrade usbmuxd
4. For SUSE systems: use zypper or YaST to update the usbmuxd package.
🔧 Temporary Workarounds
Restrict local user access
Linux: Limit which users have local shell access to systems running usbmuxd
Service isolation
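Linux: Run usbmuxd with minimal privileges using systemd or container isolation
sudo systemctl edit usbmuxd
Add:
[Service]
DynamicUser=yes
PrivateTmp=yes
ProtectSystem=strict
Restart the service afterwards and confirm that usbmuxd still starts and can reach its devices and state files: DynamicUser=yes runs it under a transient user and ProtectSystem=strict makes the file system read-only for the service.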
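To confirm that the drop-in above actually took effect, the following added example (not from the original page or the usbmuxd project) compares `systemctl show` output with the three settings listed in the workaround. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which of the workaround's hardening settings are
# missing from a unit, based on `systemctl show` KEY=VALUE output.

# Settings and values taken from the "Service isolation" workaround.
WANTED='DynamicUser=yes
PrivateTmp=yes
ProtectSystem=strict'

# missing_hardening (hypothetical helper): reads `systemctl show` lines on
# stdin and prints each wanted setting that is absent or has another value.
missing_hardening() {
    props=$(cat)
    printf '%s\n' "$WANTED" | while IFS= read -r want; do
        # Whole-line fixed-string match, so ProtectSystem=full is not
        # accepted in place of ProtectSystem=strict.
        printf '%s\n' "$props" | grep -qxF -- "$want" || printf '%s\n' "$want"
    done
}

# audit_unit (hypothetical helper): query a live unit on a systemd host.
# Prints nothing when all three settings are in effect.
audit_unit() {
    systemctl show "$1" -p DynamicUser -p PrivateTmp -p ProtectSystem |
        missing_hardening
}

# Constructed sample: a unit where only PrivateTmp has been applied.
SAMPLE='DynamicUser=no
PrivateTmp=yes
ProtectSystem=no'

# Demo on the constructed sample; on a live host run: audit_unit usbmuxd
printf '%s\n' "$SAMPLE" | missing_hardening
```

An empty result from `audit_unit usbmuxd` means the running unit has all three settings; any printed line is a setting that is still missing or set to a different value.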
🧯 If You Can't Patch
- Implement strict access controls to limit which users can access the system locally
- Monitor for suspicious activity involving usbmuxd service or privilege escalation attempts
🔍 How to Verify
Check if Vulnerable:
Check usbmuxd version: usbmuxd --version or dpkg -l | grep usbmuxd or rpm -q usbmuxd
Check Version:
usbmuxd --version 2>/dev/null || dpkg -l usbmuxd 2>/dev/null || rpm -q usbmuxd 2>/dev/null
Verify Fix Applied:
Verify installed version includes commit 3ded00c9985a5108cfc7591a309f9a23d57a8cba or check package version is updated per vendor advisory
📡 Detection & Monitoring
Log Indicators:
- Unusual usbmuxd process activity
- Failed privilege escalation attempts in system logs
- Suspicious file access patterns involving usbmuxd
Network Indicators:
- Local connections to usbmuxd socket from unexpected users
SIEM Query:
process_name="usbmuxd" AND (event_type="privilege_escalation" OR user_change=true)