Apple Macos Ventura vulnerabilities

CVE-2025-24102 [CRITICAL] CVE-2025-24102: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24102 Component: CoreRoutine Impact: An app may be able to determine a user’s current location Description: The issue was addressed with improved checks.

CVE-2024-55549 [HIGH] CVE-2024-55549: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2024-55549 Component: LaunchServices Impact: An app may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions.

CVE-2025-24174 [HIGH] CVE-2025-24174: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24174 Component: CoreRoutine Impact: An app may be able to determine a user’s current location Description: The issue was addressed with improved checks.

CVE-2025-24855 [HIGH] CVE-2025-24855: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24855 Component: LaunchServices Impact: An app may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions.

CVE-2025-24156 [HIGH] CVE-2025-24156: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24156 Component: Xsan Impact: An app may be able to elevate privileges Description: An integer overflow was addressed through improved input validation.

CVE-2025-24176 [HIGH] CVE-2025-24176: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24176 Component: StorageKit Impact: A local attacker may be able to elevate their privileges Description: A permissions issue was addressed with improved validation.

CVE-2025-24120 [HIGH] CVE-2025-24120: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24120 Component: WindowServer Impact: An attacker may be able to cause unexpected app termination Description: This issue was addressed by improved management of object lifetimes.

CVE-2025-24115 [MEDIUM] CVE-2025-24115: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24115 Component: LaunchServices Impact: An app may be able to read files outside of its sandbox Description: A path handling issue was addressed with improved validation.

CVE-2025-24136 [MEDIUM] CVE-2025-24136: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24136 Component: Login Window Impact: A malicious app may be able to create symlinks to protected regions of the disk Description: This issue was addressed with improved validation of symlinks.

CVE-2025-24099 [MEDIUM] CVE-2025-24099: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24099 Component: PackageKit Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved checks.

CVE-2025-24151 [MEDIUM] CVE-2025-24151: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24151 Component: SMB Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2025-24114 [MEDIUM] CVE-2025-24114: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24114 Component: AppleMobileFileIntegrity Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2025-31248 [MEDIUM] CVE-2025-31248: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-31248 Component: UserAccountUpdater Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-24130 [MEDIUM] CVE-2025-24130: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24130 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2025-24116 [MEDIUM] CVE-2025-24116: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24116 Component: LaunchServices Impact: An app may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions.

CVE-2025-24094 [MEDIUM] CVE-2025-24094: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24094 Component: LaunchServices Impact: An app may be able to access user-sensitive data Description: A race condition was addressed with additional validation.

CVE-2025-24103 [MEDIUM] CVE-2025-24103: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24103 Component: Security Impact: An app may be able to access protected user data Description: This issue was addressed with improved validation of symlinks.

CVE-2025-24149 [MEDIUM] CVE-2025-24149: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24149 Component: SceneKit Impact: Parsing a file may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2025-31242 [MEDIUM] CVE-2025-31242: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-31242 Component: StoreKit Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2025-24127 [MEDIUM] CVE-2025-24127: macOS Ventura 13.7.3 Apple Security Update: About the security content of macOS Ventura 13.7.3 Product: macOS Ventura Version: 13.7.3 CVE: CVE-2025-24127 Component: ARKit Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks.