AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-5255: The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-

infovulnerability

security

Source: NVD/CVE DatabaseJune 20, 2025CVE-2025-5255

Summary

Phoenix Code on macOS has a security weakness where certain entitlements (special permissions) allow dylib injection, which means an attacker with basic system access can secretly load malicious code into applications and bypass TCC (Transparency, Consent, and Control, Apple's permission system). The injected code can only access resources the user previously allowed, though accessing new resources requires user confirmation through a system prompt.

Solution / Mitigation

This issue was fixed in commit 0c75fb57f89d0b7d9b180026bc2624b7dcf807da

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-276

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-5255

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%