Platform
macos
Component
cherry-studio
Fixed version
1.7.1
CVE-2025-61929 is a critical Remote Code Execution (RCE) vulnerability affecting Cherry Studio versions up to 1.7.0-alpha.4 on macOS. This flaw allows attackers to execute arbitrary commands by crafting malicious cherrystudio:// protocol URLs, potentially leading to complete system compromise. A fix is available in version 1.7.1.
The vulnerability lies in how Cherry Studio handles the cherrystudio:// protocol, specifically when processing MCP (Model Configuration Provider) installation URLs. The application directly executes commands embedded within base64-encoded configuration data received through these URLs, without proper sanitization. An attacker could embed malicious code within a crafted URL, which, when opened by a user, would be executed on their system. This could lead to arbitrary code execution, allowing the attacker to install malware, steal sensitive data, or gain persistent access to the affected machine. The potential impact is severe, as the attacker gains full control over the system.
This vulnerability has been publicly disclosed and assigned a CVSS score of 9.7 (CRITICAL). While no active exploitation campaigns have been publicly confirmed at the time of writing, the ease of exploitation and the potential for widespread impact make it a high-priority concern. The vulnerability is not currently listed on CISA KEV. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature.
Users of Cherry Studio on macOS, particularly those who frequently interact with external data sources or open URLs from untrusted sources, are at significant risk. Shared hosting environments where Cherry Studio is installed could also be vulnerable, potentially impacting multiple users.
• macos / application:
ls -l "/Applications/Cherry Studio.app/Contents/MacOS/Cherry Studio" | grep -q 'protocol_handler'
• macos / file integrity:
md5 "/Applications/Cherry Studio.app/Contents/Services/ProtocolClient.service"
• macos / process monitoring:
ps aux | grep -i 'cherrystudio://'
Public Disclosure
Exploit status
EPSS
0.07% (21st percentile)
CISA SSVC
CVSS vector
The primary mitigation is to immediately upgrade Cherry Studio to version 1.7.1 or later, which addresses this vulnerability. If upgrading is not immediately feasible, consider blocking the cherrystudio:// protocol within your firewall or network security policies. Additionally, educate users to be cautious about opening URLs from untrusted sources, especially those using custom protocols. Monitor network traffic for suspicious cherrystudio:// URLs. After upgrading, confirm the fix by attempting to open a known malicious URL (if available) and verifying that it no longer executes arbitrary code.
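The check below is an added example, not Cherry Studio's own code and not taken from this advisory. It shows the inspection step that the vulnerable handler described above lacked and that a hardened protocol handler, or a mail/proxy filter monitoring for `cherrystudio://` URLs, would apply: decode the configuration carried by the URL and hold for review, or block outright, anything that would launch a process. The URL layout (path `mcp/install`, query parameter `data`), the `mcpServers` / `command` / `args` JSON shape, and the allowlist of launchers are all assumptions made for the illustration; the sample URLs are constructed, not captured traffic.

```javascript
// Added illustration, not Cherry Studio's own code. Triage of cherrystudio:// MCP-install
// URLs before a protocol handler (or a mail/proxy filter) lets them through.
//
// Assumptions (the advisory does not give the exact format):
//   * the URL carries the configuration as base64-encoded JSON in a query parameter "data";
//   * the decoded JSON follows the common MCP server-config shape
//     { "mcpServers": { "<name>": { "command": "...", "args": [...] } } }.

// Assumed allowlist of launchers an installer might legitimately run.
const ALLOWED_COMMANDS = new Set(['npx', 'uvx']);
// Shell metacharacters that have no business in a command or argument list.
const SHELL_META = /[;&|`$<>\\]/;

function decodeBase64Json(b64) {
  // Accept URL-safe base64 as well as the standard alphabet.
  const normalized = b64.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(normalized, 'base64').toString('utf8'));
}

// Returns { verdict, launches, reasons }.
// verdict: 'invalid' | 'ignore' | 'clean' | 'review' | 'block'
function inspectMcpInstallUrl(rawUrl) {
  const result = { verdict: 'clean', launches: [], reasons: [] };
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { ...result, verdict: 'invalid', reasons: ['not a parsable URL'] };
  }
  if (url.protocol !== 'cherrystudio:') {
    return { ...result, verdict: 'ignore', reasons: ['not a cherrystudio:// URL'] };
  }
  const payload = url.searchParams.get('data');
  if (payload === null) {
    return { ...result, verdict: 'review', reasons: ['no config payload present'] };
  }
  let config;
  try {
    config = decodeBase64Json(payload);
  } catch {
    return { ...result, verdict: 'block', reasons: ['payload is not base64-encoded JSON'] };
  }
  const servers = config && typeof config === 'object' && config.mcpServers;
  if (!servers || typeof servers !== 'object') {
    return result; // nothing in the config can launch a process
  }
  for (const [name, entry] of Object.entries(servers)) {
    if (!entry || typeof entry.command !== 'string') continue;
    const args = Array.isArray(entry.args) ? entry.args.map(String) : [];
    result.launches.push({ name, command: entry.command, args });
    if (!ALLOWED_COMMANDS.has(entry.command)) {
      result.reasons.push(`server "${name}" launches non-allowlisted command "${entry.command}"`);
    }
    if ([entry.command, ...args].some((s) => SHELL_META.test(s))) {
      result.reasons.push(`server "${name}" carries shell metacharacters`);
    }
  }
  if (result.reasons.length > 0) result.verdict = 'block';
  else if (result.launches.length > 0) result.verdict = 'review'; // never run without explicit user consent
  return result;
}

// Builds a URL in the assumed format; used only to construct the samples below.
function buildSampleUrl(config) {
  const b64 = Buffer.from(JSON.stringify(config), 'utf8').toString('base64url');
  return `cherrystudio://mcp/install?data=${b64}`;
}

// Constructed samples, not real captured traffic.
const SAMPLE_BENIGN = buildSampleUrl({
  mcpServers: { docs: { command: 'npx', args: ['-y', '@example/docs-server'] } },
});
const SAMPLE_HOSTILE = buildSampleUrl({
  mcpServers: { docs: { command: '/bin/sh', args: ['-c', 'echo $HOME'] } },
});

console.log('benign :', JSON.stringify(inspectMcpInstallUrl(SAMPLE_BENIGN)));
console.log('hostile:', JSON.stringify(inspectMcpInstallUrl(SAMPLE_HOSTILE)));
```

The design point is that a URL delivered from outside the application is untrusted input even after it decodes cleanly: a configuration that names any executable is treated as code to be run, so the best a handler can do with an allowlisted launcher is `review` (show the user exactly what would be started and wait for consent), and anything outside the allowlist or carrying shell metacharacters is refused without being executed.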
At the time of publication, no fixed version is available. We recommend not clicking `cherrystudio://` links from untrusted sources. Watch for Cherry Studio updates and, once a fixed version is released, update to the latest version.
CVE-2025-61929 is a critical Remote Code Execution vulnerability in Cherry Studio for macOS, allowing attackers to execute commands via crafted URLs.
You are affected if you are using Cherry Studio versions 1.7.0-alpha.4 or earlier on macOS.
Upgrade Cherry Studio to version 1.7.1 or later to resolve this vulnerability. Consider blocking the cherrystudio:// protocol as a temporary workaround.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of future exploitation.
Refer to the Cherry Studio release notes and security advisories on their official website for the latest information.