QwikSec

Security Database

CVE

CWE

Training

CVE-2025-1413

Published: Feb 28, 2025

Modified: Oct 3, 2025

PUBLISHED

Description

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions (rwxrwxrwx). This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and applications can exploit this vulnerability for privilege escalation. This issue affects DaVinci Resolve on MacOS in versions before 19.1.3.

Vendor	Product	Versions
Blackmagic Design Inc	DaVinci Resolve	affected `0 - < 19.1.3`

Weaknesses (CWE)

References

https://cert.pl/en/posts/2025/02/CVE-2025-1413/

third-party-advisory

https://cert.pl/posts/2025/02/CVE-2025-1413/

third-party-advisory

https://apps.apple.com/pl/app/davinci-resolve/id571213070?mt=12

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.