exploitDog

CVE-2025-24245

Опубликовано: 31 мар. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

This issue was addressed by adding a delay between verification code attempts. This issue is fixed in macOS Sequoia 15.4. A malicious app may be able to access a user's saved passwords.

Ссылки

https://support.apple.com/en-us/122373
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2025/Apr/8

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 15.4 (исключая)

EPSS

Процентиль: 58%

0.00366

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-crwm-v9wf-m9pg

CVSS3: 9.8

github

10 месяцев назад

This issue was addressed by adding a delay between verification code attempts. This issue is fixed in macOS Sequoia 15.4. A malicious app may be able to access a user's saved passwords.

EPSS

Процентиль: 58%

0.00366

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-862