Null Pointer Dereference Vulnerability in Apple Products
CVE-2025-24179

5.7MEDIUM

Key Information:

Vendor: Apple
Status: Visionos; TV OS; Mac OS; iPad OS
Vendor: CVE Published:; 29 April 2025

Summary

A vulnerability has been identified in various Apple products, stemming from a null pointer dereference that could be exploited to invoke a denial-of-service condition. This issue highlights the importance of robust input validation, which has now been enhanced in the affected versions. Users are advised to update to the latest software to mitigate any risks associated with this flaw.

Affected Version(s)

iOS and iPadOS < 18.3

iPadOS < 17.7

macOS < 15.3

References

https://support.apple.com/en-us/122073

https://support.apple.com/en-us/122072

https://support.apple.com/en-us/122068

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 29, 2025