Input Validation Flaw in macOS Products from Apple
CVE-2025-24255

8.4HIGH

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 31 March 2025

Summary

An input validation flaw has been identified in Apple's macOS products, where an application may exploit file access controls, enabling it to escape its designated sandbox environment. This vulnerability affects macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. Apple has addressed this issue with enhanced input validation to prevent such security breaches, ensuring greater protection against unauthorized access.

Affected Version(s)

macOS < 15.4

macOS < 14.7

macOS < 13.7

References

https://support.apple.com/en-us/122373

https://support.apple.com/en-us/122374

https://support.apple.com/en-us/122375

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Jan 17, 2025