CVE-2025-24204

CRITICAL

Apple Macos < 15.4 - Information Disclosure

Title source: rule

Description

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.

Exploits (2)

nomisec SCANNER 111 stars
by 34306 · poc
https://github.com/34306/decrypted
nomisec WORKING POC 103 stars
by FFRI · poc
https://github.com/FFRI/CVE-2025-24204

References (2)

Scores

CVSS v3 9.8
EPSS 0.0020
EPSS Percentile 41.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (2)
apple/macos < 15.4
Apple/macOS < 15.4
Published Mar 31, 2025
Tracked Since Feb 18, 2026