CVE-2025-24169 - Vulnerability Details

- Logging Redaction Flaw Allowing Sensitive Data Exposure and Extension Authentication Bypass

Description

A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication.

Published: 2025-01-27

Score: 7.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A logging flaw in Safari and macOS allowed sensitive information to be written to logs without adequate redaction, exposing confidential data. Additionally, the flaw can let a malicious application bypass browser‑extension authentication, enabling unauthorized use of extensions. The weakness corresponds to CWE‑532 and jeopardizes confidentiality and integrity of user data.

Affected Systems

Apple Safari versions prior to 18.3 on macOS, and macOS releases before Sequoia 15.3 are impacted. The problem exists across all Safari browsers running on macOS systems where the enhanced logging and authentication checks were not yet applied. Users of older Safari builds on macOS must check for and install the policy updates.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity, yet the EPSS score of less than 1% implies a very low probability of exploitation at present. The flaw is not listed in the CISA KEV catalog and is believed to be exploitable only by a local or authenticated malicious application that can install a custom extension. The attack likely requires local user interaction or privileged app installation.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apple

Safari

affected

Version	Status	Constraints
`0`	affected	< 18.3

Apple

macOS

affected

Version	Status	Constraints
`0`	affected	< 15.3

Configuration 1 [-]

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:o:apple:macos::::::::

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Safari to version 18.3 or later
Upgrade macOS to Sequoia 15.3 or later
Verify that browser extensions require proper authentication before installation or update

Generated by OpenCVE AI on April 28, 2026 at 04:13 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-3667	A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.3, Safari 18.3. A malicious app may be able to bypass browser extension authentication.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00044.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
http://seclists.org/fulldisclosure/2025/Jan/15
http://seclists.org/fulldisclosure/2025/Jan/20
https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122074

History

Tue, 28 Apr 2026 04:30:00 +0000

Type	Values Removed	Values Added
Title		Logging Redaction Flaw Allowing Sensitive Data Exposure and Extension Authentication Bypass

Thu, 02 Apr 2026 20:30:00 +0000

Type	Values Removed	Values Added
Description	A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.3, Safari 18.3. A malicious app may be able to bypass browser extension authentication.	A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication.

Mon, 03 Nov 2025 21:30:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2025/Jan/15 http://seclists.org/fulldisclosure/2025/Jan/20

Fri, 31 Jan 2025 22:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-532
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 30 Jan 2025 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple macos Apple safari
Weaknesses		NVD-CWE-Other
CPEs		cpe:2.3:a:apple:safari:::::::: cpe:2.3:o:apple:macos::::::::
Vendors & Products		Apple Apple macos Apple safari
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}`

Mon, 27 Jan 2025 22:00:00 +0000

Type	Values Removed	Values Added
Description		A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.3, Safari 18.3. A malicious app may be able to bypass browser extension authentication.
References		https://support.apple.com/en-us/122068 https://support.apple.com/en-us/122074

Subscriptions

Apple Macos Safari

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2025-01-27T21:45:31.754Z

Updated: 2026-04-02T18:09:38.675Z

Reserved: 2025-01-17T00:00:44.989Z

Link: CVE-2025-24169

Vulnrichment

Updated: 2025-11-03T21:05:54.733Z

NVD

Status : Modified

Published: 2025-01-27T22:15:20.460

Modified: 2026-04-02T19:19:12.450

Link: CVE-2025-24169

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T04:15:16Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object