CVE-2025-24093
Published: 27 January 2025
Description
Adversaries may attempt to exfiltrate data over a USB-connected physical device.
Security Summary
CVE-2025-24093 is a permissions vulnerability classified under CWE-276 (Incorrect Default Permissions) affecting Apple's macOS operating system. The issue allows an app to access removable volumes, such as USB drives, without user consent due to insufficient restrictions on permissions. It impacts macOS Sequoia versions prior to 15.4, macOS Sonoma prior to 14.7.3, and macOS Ventura prior to 13.7.3. The vulnerability received a CVSS v3.1 base score of 9.8 (Critical), reflecting network accessibility (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).
Any remote attacker can exploit this vulnerability by delivering a malicious app to a target system, enabling the app to read from or write to removable volumes without prompting the user. No special privileges or local access are needed, and exploitation requires only low complexity over the network. Successful exploitation grants the attacker unauthorized access to sensitive data on attached removable media, potentially allowing theft, modification, or deletion of files.
Apple's security advisories detail the fix through additional permissions restrictions in the specified macOS updates: Sequoia 15.4, Sonoma 14.7.3, and Ventura 13.7.3. Security practitioners should prioritize patching affected systems, as outlined in the referenced support pages (e.g., https://support.apple.com/en-us/122069), and monitor for full disclosure discussions on platforms like seclists.org.
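As an added patch-status check (not part of this advisory or of Apple's tooling), the following POSIX shell function compares a macOS product version against the fixed versions listed above; the live check at the end assumes `sw_vers` is present, as it is on macOS.

```shell
#!/bin/sh
# Classify a macOS product version (the format printed by `sw_vers -productVersion`)
# against the CVE-2025-24093 fix versions: Sequoia 15.4, Sonoma 14.7.3, Ventura 13.7.3.

# vnum VERSION: pad a dotted version to three numeric fields and encode it as one
# integer so that versions can be compared with -ge (e.g. 14.7.3 -> 14007003).
vnum() {
    maj=$(printf '%s' "$1" | cut -d. -f1)
    min=$(printf '%s' "$1" | cut -s -d. -f2)   # -s: empty when the field is absent
    pat=$(printf '%s' "$1" | cut -s -d. -f3)
    echo $(( ${maj:-0} * 1000000 + ${min:-0} * 1000 + ${pat:-0} ))
}

# cve_2025_24093_status VERSION: prints "vulnerable", "patched", or "unlisted"
# (major versions the advisory does not name, e.g. macOS 12, are reported as unlisted,
# not as safe).
cve_2025_24093_status() {
    v=$(vnum "$1")
    case "$1" in
        15|15.*) fixed=$(vnum 15.4) ;;     # Sequoia
        14|14.*) fixed=$(vnum 14.7.3) ;;   # Sonoma
        13|13.*) fixed=$(vnum 13.7.3) ;;   # Ventura
        *) echo unlisted; return 0 ;;
    esac
    if [ "$v" -ge "$fixed" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# On a Mac, report the status of the running system.
if command -v sw_vers >/dev/null 2>&1; then
    running=$(sw_vers -productVersion)
    echo "macOS $running: $(cve_2025_24093_status "$running")"
fi
```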
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability permits malicious applications to read from and write to removable volumes like USB drives without user consent, directly facilitating data collection from removable media (T1025) and exfiltration over physical media via USB (T1052.001).