CVE-2025-4003

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 28, 2025
Updated: Apr 29, 2025
CWE ID 404
CWE ID 476

Summary

CVE-2025-4003 is a recently discovered vulnerability affecting RefindPlusRepo RefindPlus 0.14.2.AB. This issue, classified as problematic, resides in the InternalApfsTranslateBlock function of the file Library/RP_ApfsLib/RP_ApfsIo.c. The manipulation results in a null pointer dereference, granting an attacker local host access. To mitigate this vulnerability, it is recommended to install the patch with the commit hash 4d35125ca689a255647e9033dd60c257d26df7cb.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share