Permissions Issue in Apple's macOS and iOS Products
CVE-2025-24097

5MEDIUM

Key Information:

Vendor: Apple
Status: TV OS; iOS And iPad OS; Mac OS
Vendor: CVE Published:; 31 March 2025

Summary

A permissions issue has been identified in Apple's macOS and iOS products, allowing potentially unauthorized access to sensitive file metadata. This vulnerability has been addressed with the implementation of additional restrictions in the affected versions, enhancing the security framework of the platforms. Users are encouraged to update to the latest versions to mitigate any risks associated with this vulnerability.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

macOS < 14.7

References

https://support.apple.com/en-us/122377

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122373

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Jan 17, 2025