- Description
- This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app with root privileges may be able to access private information.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 4.4
- Impact score
- 3.6
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-59
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
2
弊社エンジニアが発見・報告した脆弱性の情報が公開されました。 macOS のセキュリティ機構バイパス (CVE-2025-24204, CVE-2025-24242) https://t.co/9jDpAruKEU Dell Client Platform BIOS のスタックバッファオーバーフロー (CVE-2025-29988) https://t.co/3GqQdrvsXD https://t.co/g79RTTwEkn
@FFRI_Research
11 Apr 2025
390 Impressions
2 Retweets
10 Likes
1 Bookmark
0 Replies
0 Quotes
🔴 #macOS, Symlink Privilege Escalation, #CVE-2025-24242 (Critical) https://t.co/Ug2Gw31eEW
@dailycve
4 Apr 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24242 This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app with root privileges may be able to access private info… https://t.co/2erRxAgELR
@CVEnew
31 Mar 2025
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3BD0A90-23F1-430A-8119-E14055F7E621",
"versionEndExcluding": "15.4"
}
],
"operator": "OR"
}
]
}
]