Access Control Vulnerability in Apple macOS Products
CVE-2025-24280

5.5MEDIUM

Key Information:

Vendor
Apple
Status
Mac OS
Vendor
CVE Published:
31 March 2025

Summary

An access control vulnerability was identified in Apple's macOS, where certain applications could circumvent sandbox restrictions, potentially allowing unauthorized access to user-sensitive data. This issue has been addressed in macOS Sequoia 15.4 and macOS Sonoma 14.7.5 to enhance security measures and protect user privacy.

Affected Version(s)

macOS < 15.4

macOS < 14.7

References

https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122374

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.