CVE-2025-4003
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Apr 28, 2025
Updated: Apr 29, 2025
CWE ID 404
CWE ID 476
Summary
CVE-2025-4003 is a recently discovered vulnerability affecting RefindPlusRepo RefindPlus 0.14.2.AB. This issue, classified as problematic, resides in the InternalApfsTranslateBlock function of the file Library/RP_ApfsLib/RP_ApfsIo.c. The manipulation results in a null pointer dereference, granting an attacker local host access. To mitigate this vulnerability, it is recommended to install the patch with the commit hash 4d35125ca689a255647e9033dd60c257d26df7cb.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.