CVE-2025-24215
published 2025-03-31CVE-2025-24215: The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ipados | < 17.7.6 | 17.7.6 |
| apple | ipados | — | — |
| apple | macos | < 13.7.5 | 13.7.5 |
| apple | macos | < 14.7.5 | 14.7.5 |
| apple | macos | < 15.4 | 15.4 |
| apple | macos | >= 13.0 < 13.7.5 | 13.7.5 |
| apple | macos | >= 14.0 < 14.7.5 | 14.7.5 |
| apple | macos | >= 15.0 < 15.4 | 15.4 |
| apple | macos_sequoia | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
GHSA
GHSA-g3r7-w9gq-5v84: The issue was addressed with improved checks
ghsa_unreviewed·2025-04-01
CVE-2025-24215 [MEDIUM] CWE-284 GHSA-g3r7-w9gq-5v84: The issue was addressed with improved checks
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to access private information.
Apple
CVE-2025-24215: macOS Sonoma 14.7.5
vendor_apple·2025-03-31·CVSS 5.5
CVE-2025-24215 [MEDIUM] CVE-2025-24215: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24215
Component: CloudKit
Impact: A malicious app may be able to access private information
Description: The issue was addressed with improved checks.
Apple
CVE-2025-24215: iPadOS 17.7.6
vendor_apple·2025-03-31·CVSS 5.5
CVE-2025-24215 [MEDIUM] CVE-2025-24215: iPadOS 17.7.6
Apple Security Update: About the security content of iPadOS 17.7.6
Product: iPadOS
Version: 17.7.6
CVE: CVE-2025-24215
Component: CloudKit
Impact: A malicious app may be able to access private information
Description: The issue was addressed with improved checks.
Apple
CVE-2025-24215: macOS Ventura 13.7.5
vendor_apple·2025-03-31·CVSS 5.5
CVE-2025-24215 [MEDIUM] CVE-2025-24215: macOS Ventura 13.7.5
Apple Security Update: About the security content of macOS Ventura 13.7.5
Product: macOS Ventura
Version: 13.7.5
CVE: CVE-2025-24215
Component: CloudKit
Impact: A malicious app may be able to access private information
Description: The issue was addressed with improved checks.
Apple
CVE-2025-24215: macOS Sequoia 15.4
vendor_apple·2025-03-31·CVSS 5.5
CVE-2025-24215 [MEDIUM] CVE-2025-24215: macOS Sequoia 15.4
Apple Security Update: About the security content of macOS Sequoia 15.4
Product: macOS Sequoia
Version: 15.4
CVE: CVE-2025-24215
Component: CloudKit
Impact: A malicious app may be able to access private information
Description: The issue was addressed with improved checks.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/122372https://support.apple.com/en-us/122373https://support.apple.com/en-us/122374https://support.apple.com/en-us/122375http://seclists.org/fulldisclosure/2025/Apr/10http://seclists.org/fulldisclosure/2025/Apr/5http://seclists.org/fulldisclosure/2025/Apr/8http://seclists.org/fulldisclosure/2025/Apr/9
2025-03-31
Published