← voltar
CVE-2025-24207

CVE-2025-24207

CVSS 9.8 CRITICALEPSS 0.9%CWE-276
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.8EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
31 mar 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to enable iCloud storage features without user consent.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Apple · macOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://seclists.org/fulldisclosure/2025/Apr/10http://seclists.org/fulldisclosure/2025/Apr/8http://seclists.org/fulldisclosure/2025/Apr/9https://support.apple.com/en-us/122373https://support.apple.com/en-us/122374https://support.apple.com/en-us/122375