Multiple Linux Kernel Vulnerabilities

April 23, 2025

Hackers Abuse Microsoft 365 OAuth Workflows to Launch Attacks on Organizations

April 23, 2025

Multiple Apple macOS Sonoma Vulnerabilities

April 23, 2025

Severity

Medium

Analysis Summary

CVE-2025-24215 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by an error in the CloudKit component. By using a specially crafted application, an attacker could access private information.

CVE-2025-24203 CVSS:5.5

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.

Impact

Information Disclosure
Security Bypass

Indicators of Compromise

CVE

CVE-2025-24215
CVE-2025-24203

Affected Vendors

Apple

Affected Products

Apple macOS Sonoma - 14.7.4

Remediation

Refer to Apple security document for patch, upgrade or suggested workaround information.

Apple security document

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Linux Kernel Vulnerabilities

Hackers Abuse Microsoft 365 OAuth Workflows to Launch Attacks on Organizations

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation