{"data":{"id":"58ebfbda-c140-4567-9b2c-cfb78035cd52","title":"CVE-2025-52573: iOS Simulator MCP Server (ios-simulator-mcp) is a Model Context Protocol (MCP) server for interacting with the iOS simulator","summary":"iOS Simulator MCP Server (ios-simulator-mcp) versions before 1.3.3 have a command injection vulnerability (a security flaw where attacker-controlled input containing shell commands gets executed). The vulnerability exists because the `ui_tap` tool uses Node.js's `exec` function unsafely: an attacker can use prompt injection (feeding hidden instructions to an AI to make it behave differently) to make the LLM call the tool with shell metacharacters such as `;` or `&&` in its parameters, which causes unintended commands to run on the host where the MCP server is running.","solution":"Update to version 1.3.3, which contains a patch for the issue.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-52573","publishedAt":"2025-06-26T14:15:30.577Z","cveId":"CVE-2025-52573","cweIds":["CWE-78"],"cvssScore":"6","cvssSeverity":"medium","severity":"medium","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["ios-simulator-mcp"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00019,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}