CVE-2025-8672

7.8 HIGH

📋 TL;DR

This vulnerability allows local attackers on macOS to abuse GIMP's bundled Python interpreter to read privacy-protected files without the user's consent. macOS Transparency, Consent, and Control (TCC) grants are tied to the application's identity, so the Python interpreter shipped inside GIMP.app inherits whatever folder access the user has granted GIMP; any script an attacker feeds to that interpreter runs with those grants and never triggers a TCC prompt. Only macOS users running vulnerable versions of GIMP are affected.

💻 Affected Systems

Products:
  • GIMP (GNU Image Manipulation Program)
Versions: GIMP for macOS, all versions before 3.1.4.2
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects macOS due to TCC framework. Requires GIMP to have been previously granted TCC permissions to specific folders.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with local access could read sensitive files from privacy-protected folders (Documents, Desktop, Downloads, etc.), potentially stealing personal data, credentials, or confidential information without triggering security prompts.

🟠

Likely Case

Malicious local users or malware could leverage this to access user documents, photos, and other protected files that GIMP had previously been granted permission to access.

🟢

If Mitigated

Once GIMP is updated to 3.1.4.2 or later, or its folder grants are revoked, the bundled interpreter no longer carries TCC access it can be tricked into lending out; access to protected folders is again limited to what the user explicitly approves for each application.

🌐 Internet-Facing: LOW - This is a local TCC bypass, not a remotely reachable flaw; the attacker must already be able to run code as the logged-in user.
🏢 Internal Only: HIGH - Local attackers, or malware that has already gained a foothold as the user, can use it to bypass macOS privacy protections and silently read sensitive user data.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires the ability to run commands as the logged-in user and knowledge of where the bundled Python interpreter lives inside GIMP.app; nothing beyond launching that interpreter with an attacker-chosen script is needed. Similar TCC bypass techniques, piggybacking on another application's grants, have been used by macOS malware.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.1.4.2

Vendor Advisory: https://gitlab.gnome.org/GNOME/gimp/-/issues/13848

Restart Required: No

Instructions:

1. Open GIMP.
2. Go to GIMP menu > About GIMP to check the current version.
3. If the version is below 3.1.4.2, download and install the latest version from https://www.gimp.org/downloads/.
4. Verify the installation by checking the version again.

🔧 Temporary Workarounds

Revoke GIMP TCC Permissions

macOS

Remove GIMP's access to privacy-protected folders in macOS System Settings. TCC grants are keyed to GIMP's application identity, so revoking them also removes the access the bundled interpreter inherits. Full Disk Access is listed separately from per-folder grants and would give the interpreter broader reach, so check it as well.

1. Open System Settings > Privacy & Security > Files and Folders
2. Find GIMP in the list
3. Toggle off all folder permissions
4. Open Privacy & Security > Full Disk Access and remove or disable GIMP there if it is present

Uninstall Vulnerable GIMP Version

macOS

Remove the vulnerable application until patched version can be installed.

1. Move GIMP.app from Applications folder to Trash
2. Empty Trash

🧯 If You Can't Patch

  • Restrict local user access to systems with vulnerable GIMP installations
  • Implement application allowlisting so that the Python interpreter inside GIMP.app can only be launched by GIMP itself; blocking the interpreter outright also disables GIMP's Python plug-ins, which may be acceptable as a stopgap

🔍 How to Verify

Check if Vulnerable:

Check GIMP version: Open GIMP, go to GIMP menu > About GIMP. If version is below 3.1.4.2, the system is vulnerable.

Check Version:

/Applications/GIMP.app/Contents/MacOS/gimp --version

Verify Fix Applied:

After updating, verify GIMP version is 3.1.4.2 or higher using the same About GIMP menu.
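The About dialog check above does not scale to a fleet. The script below is an added example for this advisory, not GIMP project code: it reads the version from the app bundle's Info.plist and compares it against 3.1.4.2 as a proper dotted-version tuple, so that "3.1.4" correctly sorts before "3.1.4.2" (a string or float comparison would get this wrong). The CFBundleShortVersionString key, the dotted format of its value, and the /Applications/GIMP.app install path are assumptions.

```python
"""Check whether an installed GIMP.app predates the CVE-2025-8672 fix (3.1.4.2).

Added example for this advisory, not GIMP project code. Assumes the standard
CFBundleShortVersionString key in GIMP.app/Contents/Info.plist holds a dotted
version string such as "3.0.4"; the default install path is an assumption too.
"""
import plistlib
import re
from pathlib import Path
from typing import Optional, Tuple, Union

FIXED_VERSION = "3.1.4.2"               # first fixed release per the advisory
DEFAULT_APP = "/Applications/GIMP.app"  # assumed install location


def parse_version(text: str) -> Tuple[int, ...]:
    """'3.1.4.2' -> (3, 1, 4, 2); a trailing suffix such as '-RC1' is ignored.

    Returns () when no leading dotted number is present, so callers can tell
    'could not parse' apart from a real version.
    """
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else ()


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when `version` sorts before the fixed release.

    Tuple comparison handles unequal lengths: (3, 1, 4) < (3, 1, 4, 2), which
    a plain string comparison or float() would not get right.
    """
    parsed = parse_version(version)
    if not parsed:
        raise ValueError(f"unparseable version string: {version!r}")
    return parsed < parse_version(fixed)


def installed_version(app_path: Union[str, Path] = DEFAULT_APP) -> Optional[str]:
    """Read the version out of the bundle's Info.plist, or None if not installed."""
    plist = Path(app_path) / "Contents" / "Info.plist"
    if not plist.is_file():
        return None
    with plist.open("rb") as fh:
        info = plistlib.load(fh)
    return info.get("CFBundleShortVersionString") or info.get("CFBundleVersion")


def report(app_path: Union[str, Path] = DEFAULT_APP) -> str:
    """One-line verdict, the shape a fleet inventory job would collect."""
    version = installed_version(app_path)
    if version is None:
        return f"{Path(app_path)}: not installed"
    try:
        verdict = "VULNERABLE" if is_vulnerable(version) else "fixed"
    except ValueError:
        verdict = "UNKNOWN (unparseable version)"
    return f"{Path(app_path)}: GIMP {version} -> {verdict} (fixed in {FIXED_VERSION})"


if __name__ == "__main__":
    print(report())
```

Run it on each Mac (for example via your MDM's script facility) and collect the one-line output; anything marked VULNERABLE or UNKNOWN needs attention, and a copy of GIMP installed outside /Applications needs the path passed to report().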

📡 Detection & Monitoring

Log Indicators:

  • Execution of a python binary whose path is inside GIMP.app but whose parent process is not GIMP itself (for example a shell, osascript, or a launch agent)
  • File reads from TCC-protected folders (Desktop, Documents, Downloads) by such a process, outside the plug-in activity GIMP normally spawns
  • Note: macOS does not record file opens in the unified log by default; process and file-access events of this kind come from an Endpoint Security based EDR or similar agent

Network Indicators:

  • None - this is a local file access vulnerability

SIEM Query:

Process execution where process_path matches '/Applications/GIMP*.app/*' AND process_name starts with 'python' AND parent_process_path does NOT match '/Applications/GIMP*.app/Contents/MacOS/gimp*', joined on pid to file_access events under ~/Desktop, ~/Documents or ~/Downloads. Keying on the parent being GIMP, as a naive query might, matches GIMP's own legitimate Python plug-ins and misses the attacker case, where the parent is the attacker's shell or script host.
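The query above expressed as runnable detection logic, as an added example for this advisory rather than vendor or EDR code. It correlates exec and file-open events by pid and flags a python binary living inside GIMP.app that was launched by something other than GIMP itself and then reads from a TCC-protected folder. The event field names, the interpreter's path inside the bundle, and the sample telemetry are all constructed assumptions.

```python
"""Detection logic for CVE-2025-8672-style abuse of GIMP's bundled Python.

Added example for this advisory, not vendor or EDR code. It runs over a
constructed, normalized event stream of the kind an Endpoint Security based
EDR emits (exec + file-open events); field names and the interpreter path
inside the bundle are assumptions.
Rule: a python binary inside GIMP.app, launched by something other than GIMP
itself, that then reads from a TCC-protected user folder.
"""
import fnmatch
from typing import Dict, List

PROTECTED_DIRS = ("Desktop", "Documents", "Downloads")           # TCC "Files and Folders" areas
GIMP_BUNDLE_GLOB = "/Applications/GIMP*.app/Contents/*"           # anything shipped inside the bundle
GIMP_MAIN_GLOB = "/Applications/GIMP*.app/Contents/MacOS/gimp*"   # GIMP's own executable(s)


def is_gimp_bundled_python(path: str) -> bool:
    """True for an interpreter binary stored inside the GIMP app bundle."""
    basename = path.rsplit("/", 1)[-1].lower()
    return fnmatch.fnmatch(path, GIMP_BUNDLE_GLOB) and basename.startswith("python")


def is_gimp_main(path: str) -> bool:
    """True when the path is GIMP's main executable (the legitimate plug-in parent)."""
    return fnmatch.fnmatch(path, GIMP_MAIN_GLOB)


def in_protected_folder(path: str, user: str) -> bool:
    """True when the path sits under one of the user's TCC-protected folders."""
    home = f"/Users/{user}/"
    return any(path.startswith(home + d + "/") for d in PROTECTED_DIRS)


def find_suspicious(events: List[Dict]) -> List[Dict]:
    """Correlate exec and open events by pid; return one record per suspicious read."""
    suspect_interp: Dict[int, Dict] = {}   # pid -> exec event of a bundled python with a foreign parent
    hits: List[Dict] = []
    for ev in events:
        if ev["type"] == "exec":
            suspect_interp.pop(ev["pid"], None)   # new image in this pid: drop stale tracking (pid reuse)
            if is_gimp_bundled_python(ev["path"]) and not is_gimp_main(ev["parent_path"]):
                suspect_interp[ev["pid"]] = ev
        elif ev["type"] == "open":
            launch = suspect_interp.get(ev["pid"])
            if launch and in_protected_folder(ev["path"], launch["user"]):
                hits.append({
                    "pid": ev["pid"],
                    "user": launch["user"],
                    "interpreter": launch["path"],
                    "parent": launch["parent_path"],
                    "file": ev["path"],
                    "rule": "gimp-bundled-python-tcc-read",
                })
    return hits


# Constructed sample telemetry (not real logs). Exec events precede the opens they explain.
SAMPLE_EVENTS = [
    # GIMP starts and spawns a Python plug-in that reads a user file: expected behaviour, no alert.
    {"type": "exec", "pid": 100, "ppid": 1, "user": "alice",
     "path": "/Applications/GIMP.app/Contents/MacOS/gimp", "parent_path": "/sbin/launchd"},
    {"type": "exec", "pid": 101, "ppid": 100, "user": "alice",
     "path": "/Applications/GIMP.app/Contents/Resources/bin/python3",
     "parent_path": "/Applications/GIMP.app/Contents/MacOS/gimp"},
    {"type": "open", "pid": 101, "path": "/Users/alice/Documents/photo.xcf", "flags": "O_RDONLY"},
    # The same interpreter launched from a shell, then reading a protected folder: the CVE pattern.
    {"type": "exec", "pid": 202, "ppid": 200, "user": "alice",
     "path": "/Applications/GIMP.app/Contents/Resources/bin/python3", "parent_path": "/bin/zsh"},
    {"type": "open", "pid": 202, "path": "/private/tmp/stage.py", "flags": "O_RDONLY"},
    {"type": "open", "pid": 202, "path": "/Users/alice/Documents/tax-2024.pdf", "flags": "O_RDONLY"},
    # System python from a shell: not GIMP's identity, so TCC itself would prompt or deny; out of scope.
    {"type": "exec", "pid": 303, "ppid": 200, "user": "alice",
     "path": "/usr/bin/python3", "parent_path": "/bin/zsh"},
    {"type": "open", "pid": 303, "path": "/Users/alice/Desktop/notes.txt", "flags": "O_RDONLY"},
]

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_EVENTS):
        print(hit)
```

The parent-process check keeps GIMP's own plug-in launches out of the alert stream, but it also means a malicious plug-in that GIMP itself starts would pass; if that is in scope, add a second rule that alerts when the interpreter's script argument is not under GIMP's known plug-in directories.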

🔗 References
