CVE-2025-61929 — AI Deep Analysis Summary

🚨 **Essence**: Cherry Studio suffers from a **Code Injection** flaw. When processing `cherrystudio://mcp` URLs, it blindly executes commands found in **Base64-encoded** config data.…

🛡️ **Root Cause**: **CWE-94** (Code Injection). The application fails to sanitize input when handling the `cherrystudio://mcp` protocol.…

👥 **Affected**: Users of **Cherry Studio** (developed by **CherryHQ** / 千彗). Specifically, the component handling **MCP (Model Context Protocol)** URL schemes.…

💀 **Attacker Capabilities**: With **High Privileges**, hackers can execute **arbitrary commands** on the victim's machine.…

🔓 **Exploitation Threshold**: **Medium**. Requires **User Interaction (UI:R)** – the victim must click a malicious link or open a crafted `cherrystudio://mcp` URL.…

🌐 **Public Exploit**: Currently, **No Public PoC/Exploit** is listed in the provided data.…

🔍 **Self-Check**: Scan for applications using **Cherry Studio**. Look for custom URL handlers registered for `cherrystudio://`.…

✅ **Official Fix**: Yes. CherryHQ has published a security advisory (**GHSA-hh6w-rmjc-26f6**). 📥 **Action**: Update Cherry Studio to the latest patched version immediately.…

🚧 **No Patch Workaround**: Disable or unregister the `cherrystudio://` protocol handler if possible. 🚫 **User Education**: Warn users not to click unknown links or open files containing `cherrystudio://mcp` URLs.…

🔥 **Urgency**: **HIGH**. CVSS Vector `AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H` indicates a **Critical** severity score. 🚀 **Priority**: Patch immediately.…