Primary

Context

Apple LaunchServices AirPlay Vulnerability Allowing JAR File to Bypass Gatekeeper Checks

Vulnerability

Patched

A vulnerability in the LaunchServices component of macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5 allows a malicious JAR file to bypass Gatekeeper checks. This issue was addressed with improved handling of executable types. Additionally, in the AirPlay component, a similar vulnerability exists where an attacker on the local network can cause a denial-of-service or leak sensitive user information, which has also been patched.

Impact

Exploitation of this vulnerability can lead to a bypass of Gatekeeper checks, allowing malicious JAR files to be executed without proper security validations.

Remediation

Users can update to macOS Ventura 13.7.5, macOS Sequoia 15.4, or macOS Sonoma 14.7.5 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple LaunchServices AirPlay Vulnerability Allowing JAR File to Bypass Gatekeeper Checks

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Ventura

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating