CVE-2025-24236 is a security vulnerability in Apple's macOS that could allow an application to access sensitive user data. The issue was addressed by Apple through additional sandbox restrictions in macOS Sequoia 15.4 and macOS Sonoma 14.7.5. The vulnerability was discovered by Csaba Fitzl (@theevilbit) and Nolan Astrein of Kandji.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive user data by an application. The severity of this issue has been assessed as follows:
Workforce Identity
Endpoint Management
Endpoint Detection & Response
Vulnerability Management
Compliance Automation
Trust Center
