CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-24270: This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS...
5.7
CVSS
Description
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information.
Classification
CVE ID: CVE-2025-24270
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.7
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Problem Types
An attacker on the local network may be able to leak sensitive user informationAffected Products
Vendor: Apple
Product: tvOS, iOS and iPadOS, iPadOS, macOS, visionOS
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 4.34% (scored less or equal to compared to others)
EPSS Date: 2025-05-28 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2025-24270https://support.apple.com/en-us/122377
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122372
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122378
https://support.apple.com/en-us/122374
https://support.apple.com/en-us/122375