Arbitrary Code Execution Vulnerability in macOS by Apple
CVE-2025-24119

7.8HIGH

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-24119?

The vulnerability allows applications on macOS to potentially execute arbitrary code outside of their designated sandbox environment or gain elevated privileges. This issue has been addressed in recent updates, enhancing state management mechanisms to mitigate risks and protect user systems. Users of macOS Sequoia 15.3, Ventura 13.7.7, and Sonoma 14.7.7 should ensure they are running the latest versions to secure their devices against this security threat.

Affected Version(s)

macOS < 15.3

macOS < 14.7

macOS < 13.7

References

https://support.apple.com/en-us/122068

https://support.apple.com/en-us/124150

https://support.apple.com/en-us/124151

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025