CVE-2025-24207

CVE-2025-24207 is a permissions issue, classified under CWE-276 (Incorrect Default Permissions), affecting macOS Sequoia prior to version 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. Published on March 31, 2025, the vulnerability enables an app to activate iCloud storage features without user consent. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its network accessibility, low attack complexity, and lack of required privileges or user interaction.

A remote attacker with no privileges can exploit this vulnerability by leveraging a malicious app to bypass permission restrictions and enable iCloud storage. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, potentially allowing unauthorized data storage, synchronization, or manipulation via iCloud services.

Apple's security advisories confirm the issue was addressed through additional permissions restrictions, with fixes deployed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. Relevant documentation is available at support.apple.com/en-us/122373, support.apple.com/en-us/122374, and support.apple.com/en-us/122375, alongside full disclosure discussions on seclists.org/fulldisclosure/2025/Apr/10 and seclists.org/fulldisclosure/2025/Apr/8. Security practitioners should prioritize patching affected systems to these versions.