Main Vulnerability Database Vulnerabilities #VU106873

#VU106873 Protection Mechanism Failure in macOS - CVE-2025-24172

Published: April 2, 2025

Vulnerability identifier: #VU106873

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-24172

CWE-ID: CWE-693

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in the "Block All Remote Content" feature in Mail, which may not apply for al mail previews. A remote attacker can gain access to sensitive information when the victim opens a specially crafted email message.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/122373

#VU106873 Protection Mechanism Failure in macOS - CVE-2025-24172

Description

Remediation

External links

Please verify you're human