{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-24169", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-01-17T00:00:44.989Z", "datePublished": "2025-01-27T21:45:31.754Z", "dateUpdated": "2026-04-02T18:09:38.675Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "A malicious app may be able to bypass browser extension authentication"}]}], "affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"version": "0", "status": "affected", "lessThan": "18.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.3", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication."}], "references": [{"url": "https://support.apple.com/en-us/122068"}, {"url": "https://support.apple.com/en-us/122074"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:09:38.675Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-532", "lang": "en", "description": "CWE-532 Insertion of Sensitive Information into Log File"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-31T19:41:58.570010Z", "id": "CVE-2025-24169", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-31T21:28:14.497Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jan/20"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/15"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:05:54.733Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jan/20"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/15"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:05:54.733Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-24169", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-31T19:41:58.570010Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-31T19:41:59.970Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"status": "affected", "version": "0", "lessThan": "18.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "0", "lessThan": "15.3", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122068"}, {"url": "https://support.apple.com/en-us/122074"}], "descriptions": [{"lang": "en", "value": "A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "A malicious app may be able to bypass browser extension authentication"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:09:38.675Z"}}}, "cveMetadata": {"cveId": "CVE-2025-24169", "state": "PUBLISHED", "dateUpdated": "2026-04-02T18:09:38.675Z", "dateReserved": "2025-01-17T00:00:44.989Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-01-27T21:45:31.754Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "0384B3A1-9447-4020-A798-38CB2348F67B", "versionEndExcluding": "18.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B", "versionEndExcluding": "15.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de registro con una redacci\u00f3n de datos mejorada. Este problema se solucion\u00f3 en macOS Sequoia 15.3 y Safari 18.3. Una aplicaci\u00f3n maliciosa podr\u00eda eludir la autenticaci\u00f3n de la extensi\u00f3n del navegador."}], "id": "CVE-2025-24169", "lastModified": "2026-04-02T19:19:12.450", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-27T22:15:20.460", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/122068"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/122074"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/20"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-532"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T04:13:08.616260+00:00", "value": {"mitigation_remediation": ["Upgrade Safari to version 18.3 or later", "Upgrade macOS to Sequoia 15.3 or later", "Verify that browser extensions require proper authentication before installation or update"], "summary": {"action": "Immediate Patch", "impact": "Data Leak and Unauthorized Extension Access"}, "threat_synthesis": {"affected_systems": "Apple Safari versions prior to 18.3 on macOS, and macOS releases before Sequoia 15.3 are impacted. The problem exists across all Safari browsers running on macOS systems where the enhanced logging and authentication checks were not yet applied. Users of older Safari builds on macOS must check for and install the policy updates.", "description_and_impact": "A logging flaw in Safari and macOS allowed sensitive information to be written to logs without adequate redaction, exposing confidential data. Additionally, the flaw can let a malicious application bypass browser\u2011extension authentication, enabling unauthorized use of extensions. The weakness corresponds to CWE\u2011532 and jeopardizes confidentiality and integrity of user data.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity, yet the EPSS score of less than 1% implies a very low probability of exploitation at present. The flaw is not listed in the CISA KEV catalog and is believed to be exploitable only by a local or authenticated malicious application that can install a custom extension. The attack likely requires local user interaction or privileged app installation."}}}}, "created": "2026-04-28T04:15:16.040481+00:00", "title": "Logging Redaction Flaw Allowing Sensitive Data Exposure and Extension Authentication Bypass", "updated": "2026-04-28T04:15:16.040493+00:00", "vendors": []}