CVE-2025-24277

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 31, 2025

Updated: Apr 4, 2025

CWE ID 276

Summary

CVE-2025-24277 is a vulnerability affecting macOS that involves a parsing issue in the handling of directory paths. This issue could potentially allow an application to gain root privileges, posing a significant security risk. While specific details about the exploitation of this vulnerability are not publicly known, it has been addressed in recent updates to macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. Users are strongly encouraged to install these updates as soon as possible to mitigate the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2ieFsy
https://www.cve.org/CVERecord?id=CVE-2025-24277
https://nvd.nist.gov/vuln/detail/CVE-2025-24277

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners