File System Modification Issue in Apple macOS Products
CVE-2025-24130

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 27 January 2025

What is CVE-2025-24130?

A vulnerability has been identified in Apple macOS products where an application could exploit insufficient checks to modify protected parts of the file system. This flaw raises significant concerns regarding system integrity and data security. Apple has addressed this vulnerability in the latest updates, emphasizing the importance of keeping systems up to date to mitigate such risks. For users, applying the updates is crucial to protect against potential unauthorized modifications.

Affected Version(s)

macOS < 14.7

macOS < 15.3

macOS < 13.7

References

https://support.apple.com/en-us/122069

https://support.apple.com/en-us/122068

https://support.apple.com/en-us/122070

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Jan 17, 2025