CVE-2025-24093

critical

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access removable volumes without user consent.

References

https://support.apple.com/en-us/122373

https://support.apple.com/en-us/122070

https://support.apple.com/en-us/122069

http://seclists.org/fulldisclosure/2025/Jan/17

http://seclists.org/fulldisclosure/2025/Jan/16

http://seclists.org/fulldisclosure/2025/Apr/8

Details

Source: Mitre, NVD

Published: 2025-01-27

Updated: 2026-04-02

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H