Information Disclosure Vulnerability in macOS Sequoia by Apple
CVE-2025-24134

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 27 January 2025

Badges

👾 Exploit Exists📰 News Worthy

Summary

An information disclosure vulnerability was identified in macOS Sequoia that could allow apps to access sensitive user data. This issue, now addressed in version 15.3, highlights the importance of robust privacy controls within the operating system to safeguard personal information.

Affected Version(s)

macOS < 15.3

News Articles

Intego

CVE-2025-24134 CVE-2025-24166

iOS 18.3 and macOS Sequoia 15.3 patch first Apple zero-day of 2025 - The Mac Security Blog

Apple released critically urgent security updates this week for macOS, iOS, iPadOS, visionOS, and tvOS to address a bug that was actively exploited in the wild.

4 weeks ago

References

https://support.apple.com/en-us/122068

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Feb 11, 2025
📰
First article discovered by Intego
Feb 11, 2025
Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Jan 17, 2025