CVE-2025-24255
Published: 31 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-24255 is a file access vulnerability stemming from insufficient input validation, affecting macOS Sequoia prior to version 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. The flaw, classified under CWE-20 (Improper Input Validation), enables an app to break out of its sandbox restrictions. It received a CVSS v3.1 base score of 8.4 (High), reflecting local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).
A local attacker can exploit this vulnerability by running a malicious app on the targeted system. No special privileges or user interaction are needed, allowing low-complexity exploitation. Successful exploitation permits the app to escape its sandbox, potentially granting unauthorized access to sensitive files and system resources, leading to high-impact compromise of confidentiality, integrity, and availability.
Apple's security advisories detail the fix through improved input validation in the specified macOS updates: Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5. Security practitioners should prioritize patching affected systems, as referenced in Apple's support pages (e.g., HT122373, HT122374, HT122375) and Full Disclosure mailing list announcements.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables a local malicious app to escape macOS sandbox restrictions through improper input validation, directly facilitating exploitation for privilege escalation to access unauthorized files and system resources.