CVE-2025-24248
CVE-2025-24248
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
31 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected products
Apple · macOS