PT-2025-5315 · Apple · Macos Sequoia+4
Pwnrin
·
Published
2025-01-27
·
Updated
2025-01-29
·
CVE-2025-24146
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
macOS Ventura versions prior to 13.7.3
macOS Sequoia versions prior to 15.3
macOS Sonoma versions prior to 14.7.3
Description
The issue is related to the exposure of user contact information in system logging when a conversation is deleted in Messages. This is due to inadequate redaction of sensitive information. The problem may allow a remote attacker to disclose protected information due to inconsistency.
Recommendations
For macOS Ventura versions prior to 13.7.3, update to version 13.7.3 to resolve the issue.
For macOS Sequoia versions prior to 15.3, update to version 15.3 to resolve the issue.
For macOS Sonoma versions prior to 14.7.3, update to version 14.7.3 to resolve the issue.
Fix
Information Disclosure
Insertion into Log File
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apple Macos
Messages
Macos Sequoia
Macos Sonoma
Macos Ventura