- Description
- A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
- Hype score
- Not currently trending
Apparently I was credited for CVE-2025-24170 in the March security updates for macOS 13 Ventura, macOS 14 Sonoma, and macOS 15 Sequoia. My report was from June of 2024, so it'd pretty much fallen off my radar. https://t.co/qmamPk0Zvj
@stephancasas
6 Nov 2025
6850 Impressions
0 Retweets
72 Likes
7 Bookmarks
6 Replies
0 Quotes
CVE-2025-24170 A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges. https://t.co/OZiigVc3gf
@CVEnew
31 Mar 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "345CC17A-CCA4-4B82-A645-A5226A8DAEBB",
"versionEndExcluding": "13.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D05DCA25-A1A0-4AEA-9F31-952803114EE2",
"versionEndExcluding": "14.7.5",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]