Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account.
Published: 2025-03-31
Score: 5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Update macOS
AI Analysis

Impact

A permissions flaw in macOS permits an application to gather a list of devices that have logged into the user’s Apple account. The flaw was addressed by adding stricter restrictions on access to this information. Because an attacker could discover the exact set of devices tied to a user, the result is potential privacy exposure and an initial foothold for further targeted attacks. This issue is classified as CWE‑284: Improper Access Control.

Affected Systems

The affected product is Apple macOS, specifically versions prior to Sequoia 15.4. The vulnerability is present in all earlier macOS releases that do not contain the fix applied in Sequoia 15.4 and later. Systems running Sequoia 15.4 or newer are not affected.

Risk and Exploitability

The CVSS score of 5 indicates moderate severity. The EPSS score is below 1%, suggesting that exploitation is unlikely at this time. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attack vector is a local application that can execute with the permissions required to read Apple account data. The exploit requires the user to run the application, so the risk is limited to environments where untrusted software can be executed.

Generated by OpenCVE AI on April 28, 2026 at 02:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to version 15.4 (Sequoia) or later where the restriction is implemented.
  • If an update is not yet available, review installed applications for those that request account information and remove or disable those that do not require it.
  • Enforce the principle of least privilege by restricting the capabilities of third‑party applications to read user account data, and monitor for unexpected queries in system logs.

Advisories
Source: EUVD
ID: EUVD-2025-8957
Title: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account.

History

Tue, 28 Apr 2026 03:00:00 +0000

Type Values Removed Values Added
Title macOS Permissions Issue Allows Enumeration of Apple Account Devices

Mon, 03 Nov 2025 22:30:00 +0000

Type Values Removed Values Added
References

Fri, 04 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Tue, 01 Apr 2025 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
Metrics cvssV3_1

{'score': 5, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 31 Mar 2025 22:45:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:21:11.980Z

Reserved: 2025-01-17T00:00:45.009Z

Link: CVE-2025-24248

Vulnrichment

Updated: 2025-11-03T21:10:52.312Z

NVD

Status: Modified

Published: 2025-03-31T23:15:21.993

Modified: 2025-11-03T22:18:36.117

Link: CVE-2025-24248

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T02:45:11Z
