CVE-2025-24277
Published: 31 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-24277 is a parsing issue in the handling of directory paths, addressed through improved path validation. The vulnerability affects macOS Sequoia prior to version 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. It carries a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and is associated with CWE-276.
A local attacker can exploit this vulnerability by tricking a user into interacting with a malicious app, requiring no special privileges. Successful exploitation allows the app to escalate to root privileges, potentially enabling high-impact unauthorized access to confidentiality, integrity, and availability of system resources.
Apple security advisories detail the fix via improved path validation in the specified macOS updates. Practitioners should prioritize patching affected systems to macOS Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5, as outlined in support documents such as https://support.apple.com/en-us/122373. Additional details appear in related advisories and Full Disclosure mailing list posts.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a local path validation parsing flaw that directly enables a malicious app (run via user interaction) to escalate privileges to root on macOS, mapping to Exploitation for Privilege Escalation.