{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-24153","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2025-01-17T00:00:44.984Z","datePublished":"2025-01-27T21:45:36.056Z","dateUpdated":"2026-04-02T18:10:43.628Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app with root privileges may be able to execute arbitrary code with kernel privileges"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"15.3","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app with root privileges may be able to execute arbitrary code with kernel privileges."}],"references":[{"url":"https://support.apple.com/en-us/122068"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:10:43.628Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":6.7,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"HIGH","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-02-04T20:45:48.968687Z","id":"CVE-2025-24153","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-04T20:45:53.364Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2025/Jan/15"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:04:23.852Z"}}]}}