CVE-2025-24267

CVE-2025-24267 is a permissions issue, classified under CWE-276 (Incorrect Default Permissions), affecting Apple's macOS operating system. The vulnerability allows an app to gain root privileges and was addressed with additional restrictions. It impacts macOS Sequoia versions prior to 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. The issue received a CVSS v3.1 base score of 7.8 (High), reflecting a local attack vector with low attack complexity, low privileges required, no user interaction, unchanged scope, and high impacts on confidentiality, integrity, and availability.

A local attacker with low-level privileges (PR:L) can exploit this vulnerability to escalate privileges to root. The low attack complexity and lack of required user interaction (UI:N) make it feasible for malicious apps or processes already running on the system to bypass restrictions and achieve full administrative control, potentially enabling further compromise such as data exfiltration, persistence, or system takeover.

Apple's security advisories detail the fix through updated versions: macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, which introduce additional permissions restrictions to prevent privilege escalation. Security practitioners should prioritize updating affected systems, as outlined in the referenced support pages (e.g., https://support.apple.com/en-us/122373), and monitor full disclosure lists for additional technical details.