7.8
CVE-2025-24170
- EPSS 0.25%
- Veröffentlicht 31.03.2025 23:15:16
- Zuletzt bearbeitet 11.06.2026 19:16:26
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.16 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-276 Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
https://support.apple.com/en-us/122374
https://support.apple.com/en-us/122375
https://support.apple.com/en-us/122373
http://seclists.org/fulldisclosure/2025/Apr/10
http://seclists.org/fulldisclosure/2025/Apr/9