CVE-2025-24277

Name of the Vulnerable Software and Affected Versions macOS versions prior to Ventura 13.7.5 macOS versions prior to Sequoia 15.4 macOS versions prior to Sonoma 14.7.5

Description An issue was identified in the handling of directory paths, specifically a parsing problem. This was addressed through improved path validation. Exploitation of this issue could allow an application to gain root privileges and achieve a sandbox escape. The vulnerability was discussed in relation to a local privilege escalation (LPE) affecting the crash reporting process.

Recommendations Update to macOS Ventura version 13.7.5 or later. Update to macOS Sequoia version 15.4 or later. Update to macOS Sonoma version 14.7.5 or later.