CVE-2025-24109

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 27, 2025

Updated: Jan 28, 2025

CWE ID 922

Summary

CVE-2025-24109 is a downgrade issue that has been addressed in the latest updates of macOS Ventura 13.7.3, macOS Sequoia 15.3, and macOS Sonoma 14.7.3. This vulnerability enabled applications to potentially access sensitive user data by bypassing code-signing restrictions. The problem was rectified by implementing additional restrictions on code signing.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2ie_aJ
https://www.cve.org/CVERecord?id=CVE-2025-24109
https://nvd.nist.gov/vuln/detail/CVE-2025-24109

Back to Vulnerability Database