CVE-2025-24241
Published: 31 March 2025
Description
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
Security Summary
CVE-2025-24241 is a configuration issue addressed with additional restrictions in macOS. It affects macOS Sequoia prior to version 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. The vulnerability enables an app to trick a user into copying sensitive data to the pasteboard. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-284 (Improper Access Control).
A remote attacker requires no privileges and can exploit this over the network with low attack complexity and no user interaction. Exploitation allows high-impact effects on confidentiality, integrity, and availability, where the malicious app can access sensitive data copied to the pasteboard.
Apple's security advisories detail the fix through the specified macOS updates. Mitigation involves applying macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5 as appropriate. Further information is available at https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375, http://seclists.org/fulldisclosure/2025/Apr/10, and http://seclists.org/fulldisclosure/2025/Apr/8.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is an improper access control issue allowing a malicious app to access sensitive data on the pasteboard (macOS clipboard), directly enabling T1115 Clipboard Data collection.