Out-of-Bounds Read Vulnerability in Apple Products
CVE-2025-24230
9.8CRITICAL
Key Information:
- Vendor
- Apple
- Vendor
- CVE Published:
- 31 March 2025
Summary
An out-of-bounds read issue was identified in various Apple products, which was mitigated through enhanced input validation measures. Exploiting this vulnerability by playing a specially crafted malicious audio file could result in the unexpected termination of the application, potentially impacting user experience and system stability.
Affected Version(s)
iOS and iPadOS < 18.4
iPadOS < 17.7
macOS < 15.4
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved