CVE-2025-24258

Опубликовано: 12 мая 2025

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain root privileges.

Ссылки

https://support.apple.com/en-us/122373
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122717
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122718
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2025/May/8
http://seclists.org/fulldisclosure/2025/May/9

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.6 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.6 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.4 (исключая)

EPSS

Процентиль: 2%

0.00015

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

Связанные уязвимости

GHSA-xq63-2jcc-9gm3

CVSS3: 7.8

github

9 месяцев назад

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain root privileges.

EPSS

Процентиль: 2%

0.00015

Низкий

7.8 High

CVSS3

Дефекты

CWE-269