CVE-2025-24135

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 27, 2025

Updated: Jan 28, 2025

CWE ID 276

Summary

CVE-2025-24135 is a recently identified vulnerability in macOS Sequoia. The issue involves insufficient message validation, enabling an application to potentially elevate its privileges. macOS users are advised to update to version 15.3 to mitigate this risk. By improving message validation, the vulnerability has been effectively addressed.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2ifqkU
https://www.cve.org/CVERecord?id=CVE-2025-24135
https://nvd.nist.gov/vuln/detail/CVE-2025-24135

Back to Vulnerability Database