AI description
CVE-2025-24170 refers to a logic issue that was resolved through improved file handling. The vulnerability affects macOS Ventura 13.7.5 and macOS Sonoma 14.7.5. Successful exploitation of this vulnerability could allow an application to gain root privileges.
- Description
- A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
15
Apparently I was credited for CVE-2025-24170 in the March security updates for macOS 13 Ventura, macOS 14 Sonoma, and macOS 15 Sequoia. My report was from June of 2024, so it'd pretty much fallen off my radar. https://t.co/qmamPk0Zvj
@stephancasas
6 Nov 2025
6850 Impressions
0 Retweets
72 Likes
7 Bookmarks
6 Replies
0 Quotes
CVE-2025-24170 A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges. https://t.co/OZiigVc3gf
@CVEnew
31 Mar 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "345CC17A-CCA4-4B82-A645-A5226A8DAEBB",
"versionEndExcluding": "13.7.5"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05DCA25-A1A0-4AEA-9F31-952803114EE2",
"versionEndExcluding": "14.7.5",
"versionStartIncluding": "14.0"
}
],
"operator": "OR"
}
]
}
]