PT-2025-5295 · Apple · Applemobilefileintegrity+4
Mickey Jin
·
Published
2025-01-17
·
Updated
2025-01-29
·
CVE-2025-24121
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
macOS Ventura versions 13.7.3 and earlier
macOS Sequoia versions 15.3 and earlier
macOS Sonoma versions 14.7.3 and earlier
Description
A logic issue was addressed with improved checks, which could allow an application to modify protected parts of the file system. The issue is related to insufficient authorization mechanism in the AppleMobileFileIntegrity component of macOS operating systems, potentially allowing an attacker to elevate their privileges.
Recommendations
For macOS Ventura versions prior to 13.7.3, update to version 13.7.3 or later to resolve the issue.
For macOS Sequoia versions prior to 15.3, update to version 15.3 or later to resolve the issue.
For macOS Sonoma versions prior to 14.7.3, update to version 14.7.3 or later to resolve the issue.
Fix
Incorrect Authorization
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Applemobilefileintegrity
Apple Macos
Macos Sequoia
Macos Sonoma
Macos Ventura