This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious app may be able to create symlinks to protected regions of the disk.
Metrics
Affected Vendors & Products
References
History
Tue, 04 Feb 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 30 Jan 2025 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos |
|
Weaknesses | CWE-59 | |
CPEs | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apple
Apple macos |
|
Metrics |
cvssV3_1
|
Mon, 27 Jan 2025 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious app may be able to create symlinks to protected regions of the disk. | |
References |
|

Status: PUBLISHED
Assigner: apple
Published: 2025-01-27T21:46:18.979Z
Updated: 2025-02-04T21:30:04.123Z
Reserved: 2025-01-17T00:00:44.974Z
Link: CVE-2025-24136

Updated: 2025-01-28T17:19:51.162Z

Status : Modified
Published: 2025-01-27T22:15:18.340
Modified: 2025-02-04T22:15:42.370
Link: CVE-2025-24136

No data.