Buffer Overflow Vulnerability in Apple Products
CVE-2025-24237

9.8CRITICAL

Key Information:

Vendor: Apple
Status: iOS And iPad OS; iPad OS; Mac OS; Visionos
Vendor: CVE Published:; 31 March 2025

Summary

A buffer overflow vulnerability has been identified in Apple's products, potentially allowing malicious applications to exploit this flaw. This issue arises from insufficient bounds checking, which can lead to unexpected system terminations. The vulnerability has been addressed with critical updates in the latest versions of visionOS, macOS Ventura, iOS, iPadOS, macOS Sequoia, and macOS Sonoma, necessitating users to update to mitigate risks of exploitation.

Affected Version(s)

iOS and iPadOS < 18.4

iPadOS < 17.7

macOS < 15.4

References

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122372

https://support.apple.com/en-us/122373

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Jan 17, 2025