← back
CVE-2025-24248

CVE-2025-24248

CVSS 5 MEDIUMEPSS 0.4%CWE-284
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
31 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected products
Apple · macOS