Skip to main content

Apple macOS CVE-2025-24268

| EUVDEUVD-2025-210120 MEDIUM
Path Traversal (CWE-22)
2026-06-11 apple GHSA-p2jw-4xq4-w7vc
5.5
CVSS 3.1 · Vendor: apple
Share

Severity by source

Vendor (apple) PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
5.5 MEDIUM

Local vector and low privileges required since exploitation depends on a locally running app with user-level access; confidentiality-only impact as no write or denial-of-service capability is described.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (apple).

CVSS VectorVendor: apple

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
Jun 11, 2026 - 21:37 vuln.today
CVSS changed
Jun 11, 2026 - 20:22 NVD
5.5 (MEDIUM)
Patch available
Jun 11, 2026 - 20:01 EUVD
CVE Published
Jun 11, 2026 - 18:47 cve.org
MEDIUM 5.5
CVE Published
Jun 11, 2026 - 18:47 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.

AnalysisAI

Path traversal in Apple macOS prior to Sequoia 15.4 allows a locally-installed application to bypass directory path restrictions and read sensitive user data outside its permitted file system scope. The flaw (CWE-22) stems from insufficient validation of directory path components in macOS path parsing logic, enabling a rogue or compromised app running with standard user privileges to traverse into restricted locations. No public exploit code has been identified and the CVE is not listed in the CISA Known Exploited Vulnerabilities catalog; SSVC assessment confirms no known active exploitation at the time of this analysis.

Technical ContextAI

The vulnerability resides in Apple's macOS directory path handling subsystem, covering all macOS releases prior to 15.4 as identified by CPE cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*. CWE-22 (Improper Limitation of a Pathname to a Restricted Directory - 'Path Traversal') indicates that path components such as encoded traversal sequences or unnormalized segments were not properly sanitized before being resolved, allowing an application to escape its intended directory scope. Apple characterizes the fix as 'improved path validation,' meaning the corrective change was in the parsing and normalization logic rather than a permission model change. macOS features such as the App Sandbox and TCC (Transparency, Consent, and Control) framework may constrain exploitation depending on the attacking application's declared entitlements, but do not universally prevent the flaw for all app types.

RemediationAI

The primary and recommended fix is to upgrade to macOS Sequoia 15.4 or later, which incorporates Apple's improved path validation resolving this flaw. The vendor advisory at https://support.apple.com/en-us/122373 provides official guidance and update instructions. If immediate upgrade is not possible, defenders should restrict installation of untrusted third-party applications using macOS Gatekeeper (enforcing App Store or identified developer signatures), reducing the attack surface by limiting which apps can invoke the vulnerable path parsing subsystem. Additionally, reviewing and revoking broad file system access permissions for installed applications via System Settings > Privacy & Security > Files and Folders limits the practical reach of any path traversal. Note that these compensating controls reduce but do not eliminate risk, as App Sandbox bypass via traversal is precisely the class of issue this CVE describes.

Share

CVE-2025-24268 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy