433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652
Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability (CVE-2025-24204) that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) enabled. The issue stems from Apple mistakenly granting the /usr/bin/gcore utility the com.apple.system-task-ports.read entitlement in macOS 15.0 (Sequoia). Apple removed the entitlement in macOS 15.3. Koh M. Nakagawa speaking at Nullcon Berlin 2025 This entitlement gave gcore the ability to read the memory of any process on the … More → The post macOS vulnerability allowed Keychain and iOS app decryption without a password appeared first on Help Net Security.
http://news.poseidon-us.com/TMt3Tn