- Description: A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
- Source: product-security@apple.com
- NVD status: Modified
- Products: macos
CVSS 3.1
- Type: Secondary
- Base score: 7.8
- Impact score: 5.9
- Exploitability score: 1.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity: HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
The writeup to our #OBTS talk “CrashOne - A Starbucks Story - CVE-2025-24277” with @gergely_kalman is up at Iru’s website. This was a cool sandbox escape + lpe on macOS. https://t.co/Vd6sRJzyk0
@theevilbit
13 Nov 2025
The slidedeck to our talk, Crash One: A Starbucks Story - CVE-2025-24277, with @gergely_kalman from @hexacon_fr and @objective_see #OBTS is available from the link below. It was a macOS vulnerability impacting the crash reporting process where we could achieve LPE and sandbox
@theevilbit
15 Oct 2025
Two guys @gergely_kalman & @theevilbit walk into a Starbucks. One latte. One “this probably isn’t exploitable” bug. ☕➡️💣 CVE-2025-24277 is born. Sandbox: escaped. macOS: rattled. This kind of story? Only at #OBTS. 🎤🔥 https://t.co/OZvYFgQrlc
@Mu55sy
15 Oct 2025
"Crash One - A StarBucks Story (CVE-2025-24277)" by Csaba Fitzl (@theevilbit) and Gergely Kalman (@gergely_kalman) (not a coffee related talk) https://t.co/rh2wzCBDyN
@hexacon_fr
10 Oct 2025
📢"Crash One - A StarBucks Story (CVE-2025-24277)" by Csaba Fitzl and Gergely Kalman https://t.co/yZmZoJVL4X
@hexacon_fr
3 Oct 2025
CVE-2025-24277 A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS… https://t.co/hO9hdUT6Jk
@CVEnew
1 Apr 2025
Two new CVEs for me this time around: CVE-2025-30456 and CVE-2025-24277 with the one and only @theevilbit :) Time to look for some bypasses eh?
@gergely_kalman
31 Mar 2025
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "FAFA86AE-8EE9-414C-9FD2-C8551FF2A5CC",
            "versionEndExcluding": "13.7.5",
            "versionStartIncluding": "13.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D05DCA25-A1A0-4AEA-9F31-952803114EE2",
            "versionEndExcluding": "14.7.5",
            "versionStartIncluding": "14.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "1320B815-0457-4276-83B9-AFAFDAF17EDA",
            "versionEndExcluding": "15.4",
            "versionStartIncluding": "15.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]