CVE-2025-24122

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 27, 2025

Updated: Jan 28, 2025

Summary

CVE-2025-24122 is a downgrade issue impacting Intel-based Mac computers. Maliciously signed applications could exploit this vulnerability to modify protected parts of the file system. Apple addressed this security concern through added code-signing restrictions, which are now available in macOS Ventura 13.7.3, macOS Sequoia 15.3, and macOS Sonoma 14.7.3. By implementing these restrictions, the risk of unauthorized file system modification has been mitigated for affected Mac users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2ifFvk
https://www.cve.org/CVERecord?id=CVE-2025-24122
https://nvd.nist.gov/vuln/detail/CVE-2025-24122

Back to Vulnerability Database