Primary

Context

Apple macOS Recovery Authentication Vulnerability Allowing Access to Sensitive User Information on Locked Devices

Vulnerability

Patched

A vulnerability in the macOS Recovery feature of Apple operating systems, including macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5, allows an attacker with physical access to a locked device to view sensitive user information. This issue arises from improper state management in the authentication process.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data on a locked device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Recovery Authentication Vulnerability Allowing Access to Sensitive User Information on Locked Devices

Vulnerability

Impact

Affected Products

Apple macOS Ventura

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating