CVE-2025-24274 | THREATINT

Description

An input validation issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A malicious app may be able to gain root privileges.

PUBLISHED Reserved 2025-01-17 | Published 2025-05-12 | Updated 2026-04-02 | Assigner apple

Problem types

A malicious app may be able to gain root privileges

Product status

Any version before 13.7.6

affected

Any version before 14.7.6

affected

Any version before 15.5

affected

References

seclists.org/fulldisclosure/2025/May/9

seclists.org/fulldisclosure/2025/May/8

seclists.org/fulldisclosure/2025/May/7

support.apple.com/en-us/122716

support.apple.com/en-us/122717

support.apple.com/en-us/122718

cve.org (CVE-2025-24274)

nvd.nist.gov (CVE-2025-24274)

Download JSON