Platform: macOS
Component: com.alienator88.pearcleaner.pearcleanerhelper
Fixed in: 4.4.1
CVE-2025-54595 describes a critical vulnerability within the PearcleanerHelper, a privileged helper tool bundled with the Pearcleaner macOS application. This flaw allows an unauthenticated local process to execute arbitrary shell commands with root privileges, potentially leading to complete system compromise. The vulnerability affects versions 4.4.0 through 4.5.1 and has been resolved in version 4.5.2.
The PearcleanerHelper, designed to perform privileged cleaning operations on macOS, registers an XPC service accessible to any local process without authentication. This service exposes a method that directly executes shell commands. An attacker who can interact with the local system can leverage this vulnerability to gain root access, install malware, modify system files, or exfiltrate sensitive data. Because the helper runs with root privileges, the blast radius of successful exploitation is the entire macOS system. This vulnerability shares similarities with other XPC service vulnerabilities where improper access controls lead to privilege escalation.
CVE-2025-54595 was publicly disclosed on August 1, 2025. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The EPSS score is pending evaluation. Monitor security advisories and threat intelligence feeds for updates on exploitation attempts.
EPSS: 0.02% (5% percentile)
The primary mitigation for CVE-2025-54595 is to immediately upgrade Pearcleaner to version 4.5.2 or later. If upgrading is not immediately feasible, consider isolating PearcleanerHelper processes to prevent unauthorized access. While a direct workaround is not available, restricting access to the XPC service (com.alienator88.Pearcleaner.PearcleanerHelper) could limit the attack surface. Monitor system logs for suspicious process activity related to PearcleanerHelper and implement strict access controls on the system to limit the potential impact of a successful exploit.
Update Pearcleaner to version 4.5.2 or later. This version fixes the vulnerability that allows arbitrary command execution with root privileges. Download the latest version from the developer's official page or from the App Store.
CVE-2025-54595 is a HIGH severity vulnerability in PearcleanerHelper versions 4.4.0–4.5.1 for macOS, allowing unauthenticated local processes to execute arbitrary shell commands with root privileges.
If you are using PearcleanerHelper versions 4.4.0 through 4.5.1 on macOS, you are potentially affected by this vulnerability. Upgrade to version 4.5.2 or later to mitigate the risk.
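An added example, not part of the advisory or the Pearcleaner project: a shell check that compares an installed Pearcleaner version against the affected range stated above (4.4.0 through 4.5.1). The default bundle path /Applications/Pearcleaner.app and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory or the Pearcleaner project).
# Affected range as stated in the advisory text: 4.4.0 through 4.5.1.
AFFECTED_MIN="4.4.0"
AFFECTED_MAX="4.5.1"

# ver_cmp A B: print -1, 0 or 1, comparing dotted versions field by field as
# numbers, so 4.10.0 sorts after 4.5.1 (a plain string comparison gets this wrong).
ver_cmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 < y[i] + 0) { print -1; exit }
            if (x[i] + 0 > y[i] + 0) { print 1; exit }
        }
        print 0
    }'
}

# is_affected VERSION: 0 = inside the affected range, 1 = outside,
# 2 = not a plain dotted number (e.g. a beta tag), so it needs a manual look.
is_affected() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 2 ;;
    esac
    [ "$(ver_cmp "$1" "$AFFECTED_MIN")" -ge 0 ] &&
        [ "$(ver_cmp "$1" "$AFFECTED_MAX")" -le 0 ]
}

# check_app BUNDLE: read the bundle version (macOS only) and report.
# The bundle path is an assumption; pass the real install location.
check_app() {
    plist="$1/Contents/Info.plist"
    [ -f "$plist" ] || { echo "not installed: $1"; return 0; }
    ver=$(/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$plist") || return 2
    rc=0; is_affected "$ver" || rc=$?
    case $rc in
        0) echo "AFFECTED: Pearcleaner $ver, upgrade to 4.5.2 or later"; return 1 ;;
        1) echo "ok: Pearcleaner $ver is outside $AFFECTED_MIN-$AFFECTED_MAX" ;;
        *) echo "cannot parse version '$ver', check manually"; return 2 ;;
    esac
}

if [ "${1:-}" = "--check" ]; then
    check_app "${2:-/Applications/Pearcleaner.app}"
fi
```

Run it with `--check` and, optionally, the bundle path; the exit status is 1 for an affected install and 2 when the version could not be read or parsed.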
The recommended fix is to upgrade Pearcleaner to version 4.5.2 or later. If upgrading is not immediately possible, consider isolating the PearcleanerHelper process and restricting access to its XPC service.
As of August 1, 2025, there are no known public exploits or active campaigns targeting CVE-2025-54595, but continuous monitoring is advised.
Refer to the official Pearcleaner website or security advisories for the latest information and updates regarding CVE-2025-54595.