Logic Issue in Apple's macOS Affecting User Contact Information
CVE-2025-24100

3.3LOW

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 27 January 2025

What is CVE-2025-24100?

A logic issue was identified in Apple's macOS that could allow unauthorized applications to access sensitive user contact information. This vulnerability has been addressed in the following updates: macOS Ventura 13.7.3, macOS Sequoia 15.3, and macOS Sonoma 14.7.3. Users are urged to update their systems promptly to protect against potential exploitation.

Affected Version(s)

macOS < 14.7

macOS < 15.3

macOS < 13.7

References

https://support.apple.com/en-us/122069

https://support.apple.com/en-us/122068

https://support.apple.com/en-us/122070

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Jan 17, 2025