Permissions Flaw in macOS Software Allowing Elevated Privileges
CVE-2025-24258

7.8HIGH

Key Information:

Vendor

Apple

Status
Vendor
CVE Published:
12 May 2025

What is CVE-2025-24258?

A permissions issue was discovered that allows applications to potentially gain root privileges on vulnerable versions of Apple's macOS. This could lead to unauthorized access and control over the system. Apple has introduced additional restrictions to mitigate this issue in the latest software updates, including macOS Sequoia 15.4, macOS Ventura 13.7.6, and macOS Sonoma 14.7.6.

Affected Version(s)

macOS < 14.7

macOS < 13.7

macOS < 15.4

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-24258 : Permissions Flaw in macOS Software Allowing Elevated Privileges