Shirt-Pocket: >> Superduper! Security Vulnerabilities
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-01
An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-01
Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-12-01