Blackmagic DaVinci Resolve Incorrect File Permissions Vulnerability Allowing Privilege Escalation on macOS

Vulnerability

A vulnerability was identified in Blackmagic DaVinci Resolve on macOS: the application is installed with overly permissive file permissions (rwxrwxrwx). This deviates from standard macOS security norms, under which applications should have drwxr-xr-x permissions. The excessive permissions create an opportunity for dylib hijacking, a technique that the guest account, other users, and applications can exploit to escalate privileges. The vulnerability affects all DaVinci Resolve versions on macOS prior to 19.1.3.
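
An added example, not part of the original advisory or vendor code: a shell check that lists world-writable entries inside an application bundle, which is the permission condition described above. The function names are hypothetical, and the bundle path is supplied by the caller because the advisory does not state the install path.

```shell
#!/bin/sh
# Added example (not vendor code): audit an application bundle for
# world-writable entries, the condition the advisory describes (rwxrwxrwx).
# Function names are hypothetical; the bundle path is passed in by the caller.

# list_world_writable DIR
# Prints every file or directory under DIR (DIR included) whose mode has the
# "other" write bit set. Symlinks are skipped because their own mode bits
# do not control access to the target.
list_world_writable() {
    find "$1" ! -type l -perm -0002 -print 2>/dev/null
}

# count_world_writable DIR
# Prints the number of world-writable entries (assumes no newlines in names).
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# audit_bundle DIR
# Returns 0 when no world-writable entry exists, 1 when at least one does,
# and 2 when DIR is not a directory.
audit_bundle() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    n=$(count_world_writable "$1")
    if [ "$n" -gt 0 ]; then
        echo "FAIL: $n world-writable entries under $1"
        # Show the first few so the report stays readable on large bundles.
        list_world_writable "$1" | head -n 20
        return 1
    fi
    echo "OK: no world-writable entries under $1"
    return 0
}

# Script usage: sh audit.sh "/path/to/Some.app"
if [ "$#" -gt 0 ]; then
    audit_bundle "$1"
fi
```

A non-zero result on a system running a version prior to 19.1.3 is consistent with the advisory; after updating, the same check should report no world-writable entries.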

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation on the affected system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 7.5
exploitability: 3.3
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.