Local Information Disclosure in Apple Products
CVE-2024-54469

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS; Visionos; iOS And iPad OS
Vendor: CVE Published:; 10 March 2025

Summary

A vulnerability has been identified in various Apple operating systems where a local user can potentially leak sensitive user information. This issue required enhanced checks to prevent unauthorized access to confidential data. Users are advised to update their systems to the latest versions, including macOS Ventura 13.7, macOS Sequoia 15, macOS Sonoma 14.7, visionOS 2, iOS 18, and iPadOS 18, to mitigate this risk.

Affected Version(s)

iOS and iPadOS < 18

macOS < 13.7

macOS < 15

References

https://support.apple.com/en-us/121234

https://support.apple.com/en-us/121238

https://support.apple.com/en-us/121249

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 10, 2025
Vulnerability Reserved
Dec 3, 2024