CVE-2025-5995
MEDIUMCanon EOS Webcam Utility Pro for MAC OS <2.3.29 - Privilege Escalation
Title source: llmDescription
Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper directory permissions vulnerability. Exploitation of this vulnerability requires administrator access by a malicious user. An attacker could modify the directory, potentially resulting in code execution and ultimately leading to privilege escalation.
References (2)
Core 2
Core References
Various Sources vendor-advisory
mitigation
https://www.usa.canon.com/about-us/to-our-customers/vulnerability-mitigation-remediation-for-canon-eos-webcam-utility-pro-for-mac-os
Various Sources vendor-advisory
https://www.canon-europe.com/psirt/advisory-information
Scores
CVSS v4
4.6
EPSS
0.0015
EPSS Percentile
4.7%
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-732
Status
published
Products (1)
Canon USA Inc./Canon EOS Webcam Utility Pro
< 2.3d (2.3.29) (including)
Published
Jun 26, 2025
Tracked Since
Feb 18, 2026