PT-2025-5303 · Apple · Apple Macos
Pedro Tôrres
+1
·
Published
2025-01-27
·
Updated
2025-02-18
·
CVE-2025-24130
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 13.7.3
macOS versions prior to 14.7.3
macOS versions prior to 15.3
Description
The issue is related to insufficient access restrictions in the PackageKit component of macOS, which may allow a remote attacker to elevate their privileges. An app may be able to modify protected parts of the file system.
Recommendations
For macOS versions prior to 13.7.3, update to macOS Ventura 13.7.3 to resolve the issue.
For macOS versions prior to 14.7.3, update to macOS Sonoma 14.7.3 to resolve the issue.
For macOS versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos