Cyber Resilience

CVE-2025-24102

Critical

Published: 27 January 2025

Published
27 January 2025
Modified
03 November 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0017 37.6th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-24102 is a critical-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Apple Macos. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique System Location Discovery (T1614); ranked at the 37.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2025-24102 is a vulnerability that allows an app to determine a user’s current location, addressed through improved checks. It affects iPadOS versions prior to 17.7.4, macOS Sequoia prior to 15.3, macOS Sonoma prior to 14.7.3, and macOS Ventura prior to 13.7.3. The issue is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables exploitation over the network with low complexity, requiring no privileges or user interaction. An attacker can leverage a malicious app to gain high-impact access, including unauthorized determination of the user’s current location, potentially compromising confidentiality, integrity, and availability.

Apple advisories confirm the issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, and macOS Ventura 13.7.3 via improved checks. Mitigation requires updating affected systems to these patched versions, with details available in support documents at https://support.apple.com/en-us/122067, https://support.apple.com/en-us/122068, https://support.apple.com/en-us/122069, https://support.apple.com/en-us/122070, and http://seclists.org/fulldisclosure/2025/Jan/14.

EU & UK References

Vulnerability details

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user’s current location.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1614 System Location Discovery Discovery
Why these techniques?

The vulnerability directly enables unauthorized access to a user's current location via a malicious app, mapping to System Location Discovery (T1614).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-31279Same product: Apple Ipados
CVE-2026-20606Same product: Apple Ipados
CVE-2025-24232Same product: Apple Macos
CVE-2025-24263Same product: Apple Macos
CVE-2025-24109Same product: Apple Macos
CVE-2026-28962Same product: Apple Ipados
CVE-2025-43189Same product: Apple Macos
CVE-2025-24174Same product: Apple Macos
CVE-2025-43220Same product: Apple Ipados
CVE-2025-30465Same product: Apple Ipados

Affected Assets

apple
ipados
≤ 17.7.4
apple
macos
13.0 — 13.7.3 · 14.0 — 14.7.3 · 15.0 — 15.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely identification, reporting, and correction of software flaws like the insufficient location checks exploited in CVE-2025-24102, directly enabling patching to updated iPadOS and macOS versions.

prevent

Enforces approved authorizations and access control checks to prevent apps from bypassing restrictions and determining user location.

detect

Provides vulnerability scanning and monitoring to identify exposures like CVE-2025-24102 in affected Apple OS versions for prompt remediation.

References