AI description
CVE-2025-24170 refers to a logic issue that was resolved through improved file handling. The vulnerability affects macOS Ventura 13.7.5 and macOS Sonoma 14.7.5. Successful exploitation of this vulnerability could allow an application to gain root privileges.
- Description
- A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
- Hype score
- Not currently trending
Apparently I was credited for CVE-2025-24170 in the March security updates for macOS 13 Ventura, macOS 14 Sonoma, and macOS 15 Sequoia. My report was from June of 2024, so it'd pretty much fallen off my radar. https://t.co/qmamPk0Zvj
@stephancasas
6 Nov 2025
6850 Impressions
0 Retweets
72 Likes
7 Bookmarks
6 Replies
0 Quotes
CVE-2025-24170 A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges. https://t.co/OZiigVc3gf
@CVEnew
31 Mar 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "345CC17A-CCA4-4B82-A645-A5226A8DAEBB",
"versionEndExcluding": "13.7.5"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05DCA25-A1A0-4AEA-9F31-952803114EE2",
"versionEndExcluding": "14.7.5",
"versionStartIncluding": "14.0"
}
],
"operator": "OR"
}
]
}
]