AI description
CVE-2025-24103 is a security vulnerability affecting Apple's macOS operating system. Disclosed on January 27, 2025, it impacts versions such as Ventura 13.7.3, Sequoia 15.3, and Sonoma 14.7.3. The vulnerability lies in the Security component of macOS and results from inadequate validation of symlinks. The flaw can be exploited by a malicious application to gain unauthorized access to protected user data, potentially compromising user privacy and data confidentiality. Apple addressed this vulnerability by improving symlink validation in security updates released on January 27, 2025. Users are advised to update their macOS to the patched versions: Ventura 13.7.3, Sequoia 15.3, or Sonoma 14.7.3.
- Description
- This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access protected user data.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
CVE-2025-24103 : General TCC Bypass - https://t.co/xuSreI58Iu by @guluisacat #infosec #Apple #DFIR https://t.co/bbg0aKMbBS
@Din3zh
8 Aug 2025
1033 Impressions
6 Retweets
22 Likes
11 Bookmarks
0 Replies
0 Quotes
New Blog: CVE-2025-24103 : General TCC Bypass https://t.co/8pBcq889at
@Guluisacat
7 Aug 2025
6625 Impressions
16 Retweets
98 Likes
48 Bookmarks
1 Reply
0 Quotes
CVE-2025-24103 This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be abl… https://t.co/6ldYCEmu2R
@CVEnew
27 Jan 2025
357 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88",
"versionEndExcluding": "13.7.3"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E",
"versionEndExcluding": "14.7.3",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF",
"versionEndExcluding": "15.3",
"versionStartIncluding": "15.0"
}
],
"operator": "OR"
}
]
}
]