CVE-2025-24191

CVSS 5.5 MEDIUMEPSS 0.3%CWE-20

The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Apple · macOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2025/Apr/8 https://support.apple.com/en-us/122373