CVE-2025-24103

CVSS 9.8 CRITICALEPSS 0.6%CWE-59

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access protected user data.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Productos afectados

Apple · macOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://seclists.org/fulldisclosure/2025/Jan/15 http://seclists.org/fulldisclosure/2025/Jan/16 http://seclists.org/fulldisclosure/2025/Jan/17 https://support.apple.com/en-us/122068 https://support.apple.com/en-us/122069 https://support.apple.com/en-us/122070