CVE-2025-24234
Published: 31 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-24234 is a vulnerability in macOS that allows a malicious app to gain root privileges, classified under CWE-276 (Incorrect Default Permissions). It affects macOS versions prior to the patched releases, specifically macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. The issue was addressed by Apple through the removal of the vulnerable code.
The vulnerability has a CVSS v3.1 base score of 7.8 (High), with a local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), and user interaction required (UI:R). An attacker can exploit it by tricking a user into running a malicious application on the target system, potentially achieving high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) by escalating to root privileges.
Apple's security advisories detail that the vulnerability was fixed in the specified macOS updates by removing the vulnerable code. Relevant documentation is available at support.apple.com/en-us/122373, support.apple.com/en-us/122374, and support.apple.com/en-us/122375, with additional full disclosure discussions on seclists.org/fulldisclosure/2025/Apr/10 and seclists.org/fulldisclosure/2025/Apr/8. Security practitioners should ensure systems are updated to the patched versions to mitigate the risk.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability allows malicious app to escalate to root privileges via incorrect default permissions on macOS, directly enabling exploitation for privilege escalation.