Skip to main content

Apple macOS EUVDEUVD-2025-210113

| CVE-2025-24165 MEDIUM
Improper Access Control (CWE-284)
2026-06-11 apple GHSA-m7r8-cwwx-vr4p
5.5
CVSS 3.1 · Vendor: apple
Share

Severity by source

Vendor (apple) PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local vector confirmed; user must run the app (UI:R); no elevated privileges needed; impact is purely availability via system crash.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (apple).

CVSS VectorVendor: apple

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 12, 2026 - 22:24 vuln.today
CVSS changed
Jun 12, 2026 - 22:22 NVD
5.5 (MEDIUM)
Patch available
Jun 11, 2026 - 20:01 EUVD
CVE Published
Jun 11, 2026 - 18:47 cve.org
MEDIUM 5.5
CVE Published
Jun 11, 2026 - 18:47 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.

AnalysisAI

Improper access control in Apple macOS allows a locally-executed app to cause unexpected system termination, effectively producing a denial-of-service condition against the host. All three actively-supported macOS release lines - Sequoia, Sonoma, and Ventura - are confirmed affected, with fixes delivered simultaneously across all three branches. No active exploitation is confirmed (not in CISA KEV), and the EPSS score of 0.01% at the 3rd percentile indicates negligible observed exploitation probability at time of analysis.

Technical ContextAI

The vulnerability is rooted in CWE-284 (Improper Access Control), meaning the macOS permission enforcement model fails to adequately restrict a sandboxed or unprivileged application from invoking operations that can terminate the operating system. The affected product, per CPE cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*, spans all macOS variants prior to the respective fixed releases. The 'Authentication Bypass' tag in the intelligence data, combined with CWE-284, suggests the flaw allows an app to circumvent entitlement or permission checks that normally gate access to system-critical interfaces - the specific subsystem (kernel extension, XPC service, or system call gate) is not publicly disclosed by Apple, consistent with their standard minimal-disclosure advisory practice.

RemediationAI

The primary fix is to upgrade to macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5, as confirmed by Apple's security advisories at https://support.apple.com/en-us/122373 (Sequoia), https://support.apple.com/en-us/122374 (Sonoma), and https://support.apple.com/en-us/122375 (Ventura). If immediate patching is not feasible, a compensating control is to restrict installation and execution of unsigned or unnotarized applications via macOS Gatekeeper and System Preferences > Privacy & Security, which limits the attack surface to apps that have passed Apple notarization - note this does not eliminate risk from malicious signed apps but significantly raises the barrier. Organizations using MDM (Mobile Device Management) solutions can enforce application allowlisting to restrict which apps users can execute, directly limiting exploitation opportunity.

Share

EUVD-2025-210113 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy