Access Control Vulnerability in Apple macOS and iPadOS Products
CVE-2025-24215

5.5MEDIUM

Key Information:

Vendor
Apple
Vendor
CVE Published:
31 March 2025

Summary

A security issue has been identified in Apple’s macOS and iPadOS systems, where a malicious application could potentially exploit access controls to gain unauthorized access to private information. This vulnerability has been addressed with enhancements in the verification processes, ensuring improved security in the affected products. Users are encouraged to update to the latest versions available to mitigate any risk associated with this flaw.

Affected Version(s)

iPadOS < 17.7

macOS < 15.4

macOS < 14.7

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.