{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-24109", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-01-17T00:00:44.969Z", "datePublished": "2025-01-27T21:45:25.051Z", "dateUpdated": "2026-04-02T18:07:37.997Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access sensitive user data"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "13.7.3", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "14.7.3", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "15.3", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data."}], "references": [{"url": "https://support.apple.com/en-us/122068"}, {"url": "https://support.apple.com/en-us/122069"}, {"url": "https://support.apple.com/en-us/122070"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:07:37.997Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-28T16:20:25.491861Z", "id": "CVE-2025-24109", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-19T13:53:28.889Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jan/17"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/16"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/15"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:01:35.204Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jan/17"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/16"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/15"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:01:35.204Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-24109", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-28T16:20:25.491861Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T16:21:07.576Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "13.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122069"}, {"url": "https://support.apple.com/en-us/122068"}, {"url": "https://support.apple.com/en-us/122070"}], "descriptions": [{"lang": "en", "value": "A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access sensitive user data"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-01-27T21:45:25.051Z"}}}, "cveMetadata": {"cveId": "CVE-2025-24109", "state": "PUBLISHED", "dateUpdated": "2025-11-03T21:01:35.204Z", "dateReserved": "2025-01-17T00:00:44.969Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-01-27T21:45:25.051Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88", "versionEndExcluding": "13.7.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E", "versionEndExcluding": "14.7.3", "versionStartIncluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF", "versionEndExcluding": "15.3", "versionStartIncluding": "15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de degradaci\u00f3n con restricciones adicionales de firma de c\u00f3digo. Este problema se solucion\u00f3 en macOS Ventura 13.7.3, macOS Sequoia 15.3 y macOS Sonoma 14.7.3. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."}], "id": "CVE-2025-24109", "lastModified": "2026-04-02T19:19:00.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-27T22:15:16.347", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122068"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122069"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122070"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/17"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T04:14:54.519783+00:00", "value": {"mitigation_remediation": ["Install the latest macOS updates\u2014macOS Sequoia 15.3, macOS Sonoma 14.7.3, or macOS Ventura 13.7.3\u2014to patch the code\u2011signing downgrade issue", "Verify that the system\u2019s security settings enforce strict code\u2011signing enforcement and disable any legacy verification modes that could allow downgraded binaries", "Educate users and administrators about the dangers of installing unsigned or unverified applications, and encourage the use of the Mac App Store or trusted developer signatures"], "summary": {"action": "Patch Now", "impact": "Unauthorized Access to Sensitive User Data via Code\u2011Signing Downgrade"}, "threat_synthesis": {"affected_systems": "Apple macOS systems running any version earlier than macOS Sequoia 15.3, macOS Sonoma 14.7.3, or macOS Ventura 13.7.3 are vulnerable. The issue impacts all Apple Macintosh computers that have not applied the listed security updates.", "description_and_impact": "A downgrade vulnerability in macOS allows an application to bypass newly added code\u2011signing restrictions, enabling the app to read or otherwise expose sensitive user data that it should not be able to access. This weakness permits an attacker to retrieve confidential information without the user\u2019s awareness, potentially compromising privacy and integrity of personal or corporate data. The vulnerability aligns with CWE\u2011200, an information exposure flaw that can lead to unauthorized data disclosure.", "risk_and_exploitability": "The CVSS score of 9.8 indicates critical severity, but the EPSS score of less than 1% suggests a very low probability of active exploitation at the time of analysis. This vulnerability is not listed in the CISA KEV catalog. The potential attack vector is a local or user\u2011directed scenario where the victim runs a malicious application. An adversary would need to deliver or trick the user into installing a downgraded app that bypasses code\u2011signing checks, after which the app can read protected data. Because no known public exploits are available and exploitation would likely require user interaction, the risk remains moderate to high depending on the environment."}}}}, "created": "2026-04-28T04:15:16.041407+00:00", "title": "Downgrade Issue Lets App Access Sensitive User Data", "updated": "2026-04-28T04:15:16.041422+00:00", "vendors": []}