4.4
CVE-2025-24242 - Symlink Handling Exploit Allowing Root Application to Access Private Information on macOS
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app with root privileges may be able to access private information.
5.5
CVE-2025-24215 - Potential Private Information Disclosure in iPadOS and macOS
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information.
5
CVE-2025-24203 - Unauthorized File System Modification via App on Apple Platforms
The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to modify protected parts of the file system.
6.5
CVE-2025-24192 - Browser Script Import Vulnerability Causing Information Disclosure
A script imports issue was addressed with improved isolation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. Visiting a website may leak sensitive data.
8.8
CVE-2025-24254 - Privilege Escalation via Symlink Validation Failure
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user may be able to elevate privileges.
5.5
CVE-2025-30450 - macOS Symlink Validation Flaw Allowing Unauthorized Data Access
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access sensitive user data.
5.5
CVE-2025-31187 -
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
5.5
CVE-2025-24278 - Symlink Validation Bug Allows Unauthorized Access to Protected User Data
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
5.5
CVE-2025-24281 - macOS Sensitive Data Exposure through Improper Data Protection
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.
6.5
CVE-2025-30446 - Root-Privilege System File Modification Vulnerability in macOS
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app with root privileges may be able to modify the contents of system files.