PT-2025-5278 · Apple · Apple Macos

Kirin

Publicado

2025-01-27

Atualizado

2025-01-30

CVE-2025-24100

CVSS v3.1

3.3

Baixa

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3

Description A logic issue was addressed with improved restrictions, which may allow an app to access information about a user's contacts. The issue is related to insufficient protection of service data in the AppleMobileFileIntegrity component of the MacOs operating system.

Recommendations For macOS versions prior to 13.7.3, update to macOS Ventura 13.7.3 to resolve the issue. For macOS versions prior to 14.7.3, update to macOS Sonoma 14.7.3 to resolve the issue. For macOS versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-1284

Identificadores relacionados

BDU:2025-01505

CVE-2025-24100

Produtos afetados

Apple Macos

PT-2025-5278 · Apple · Apple Macos

CVE-2025-24100

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14