{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-24176", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-01-17T00:00:44.991Z", "datePublished": "2025-01-27T21:46:15.647Z", "dateUpdated": "2026-04-02T18:19:33.914Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "A local attacker may be able to elevate their privileges"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "13.7.3", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "14.7.3", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "15.3", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges."}], "references": [{"url": "https://support.apple.com/en-us/122068"}, {"url": "https://support.apple.com/en-us/122069"}, {"url": "https://support.apple.com/en-us/122070"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:19:33.914Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-276", "lang": "en", "description": "CWE-276 Incorrect Default Permissions"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-28T15:19:41.114383Z", "id": "CVE-2025-24176", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T15:24:07.998Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jan/17"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/16"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/15"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:06:22.408Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jan/17"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/16"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/15"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:06:22.408Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-24176", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-28T15:19:41.114383Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T15:23:01.922Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "0", "lessThan": "13.7.3", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "14.7.3", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "15.3", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122068"}, {"url": "https://support.apple.com/en-us/122069"}, {"url": "https://support.apple.com/en-us/122070"}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "A local attacker may be able to elevate their privileges"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:19:33.914Z"}}}, "cveMetadata": {"cveId": "CVE-2025-24176", "state": "PUBLISHED", "dateUpdated": "2026-04-02T18:19:33.914Z", "dateReserved": "2025-01-17T00:00:44.991Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-01-27T21:46:15.647Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88", "versionEndExcluding": "13.7.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E", "versionEndExcluding": "14.7.3", "versionStartIncluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF", "versionEndExcluding": "15.3", "versionStartIncluding": "15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de permisos mejorando la validaci\u00f3n. Este problema se solucion\u00f3 en macOS Ventura 13.7.3, macOS Sequoia 15.3 y macOS Sonoma 14.7.3. Un atacante local podr\u00eda elevar sus privilegios."}], "id": "CVE-2025-24176", "lastModified": "2026-04-02T19:19:13.370", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-27T22:15:20.643", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122068"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122069"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122070"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/17"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-29T02:05:26.702756+00:00", "value": {"mitigation_remediation": ["Upgrade the operating system to macOS\u202fSequoia\u202f15.3, Sonoma\u202f14.7.3, or Ventura\u202f13.7.3, which contain the fix for the permission validation issue.", "Restrict local administrator privileges by disabling or removing unnecessary local admin accounts, thereby narrowing the attack surface.", "Configure the system to perform automatic or timely software updates, ensuring any subsequent security patches are deployed promptly."], "summary": {"action": "Apply Update", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Apple macOS is affected. Versions prior to macOS\u202fSequoia\u202f15.3, Sonoma\u202f14.7.3, and Ventura\u202f13.7.3 are vulnerable to this local privilege escalation issue.", "description_and_impact": "A local permission validation flaw allows a user with limited rights to gain elevated privileges on macOS. The weakness, classified as CWE\u2011276, permits the attacker to bypass intended access controls and assume higher system permissions, compromising confidentiality, integrity, and availability of data and services on the affected machine.", "risk_and_exploitability": "The CVSS rating of 7.1 signals a high severity vulnerability, while an EPSS score of less than 1% indicates a very low exploitation probability at present. The vulnerability is not listed in the CISA KEV catalog. An attacker who can run code locally on the device can exploit this flaw, but the description does not provide evidence for remote or network-triggered exploitation; based on available information, it is inferred that remote exploitation is not supported."}}}}, "created": "2026-04-29T02:15:47.433038+00:00", "title": "Local Privilege Escalation Allowing a Local Attacker to Gain Elevated Privileges on macOS", "updated": "2026-04-29T02:15:47.433049+00:00", "vendors": []}