CVE-2025-24135
Published: 27 January 2025
Description
An adversary may rely upon a user opening a malicious file in order to gain execution.
Security Summary
CVE-2025-24135 is a vulnerability in macOS Sequoia prior to version 15.3 that stems from insufficient message validation, enabling an app to gain elevated privileges. The issue is mapped to CWE-276 and NVD-CWE-noinfo, was assigned a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), and was published on January 27, 2025.
A local attacker who requires no privileges can exploit this vulnerability by tricking a user into interacting with a malicious app. The elevated privileges obtained lead to high-impact consequences, including unauthorized access to sensitive data, modification of system resources, and disruption of services.
Apple addressed the vulnerability through improved message validation in macOS Sequoia 15.3. Additional details are available in the official Apple security advisory at https://support.apple.com/en-us/122068 and the Full Disclosure mailing list posting at http://seclists.org/fulldisclosure/2025/Jan/15.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables local privilege escalation via insufficient message validation in a malicious app requiring user interaction, directly mapping to T1068 (Exploitation for Privilege Escalation) and T1204.002 (Malicious File).