Memory Handling Vulnerability in Apple Operating Systems
CVE-2025-24244

5.5MEDIUM

Key Information:

Vendor: Apple
Status: TV OS; iOS And iPad OS; iPad OS; Mac OS
Vendor: CVE Published:; 31 March 2025

Summary

A memory handling vulnerability has been identified in various Apple operating systems. By processing a specially crafted font, an attacker may exploit this flaw, potentially leading to the disclosure of sensitive process memory. Users are encouraged to update to the latest versions of macOS, iOS, tvOS, and iPadOS to mitigate this issue and enhance system security.

Affected Version(s)

iOS and iPadOS < 18.4

iPadOS < 17.7

macOS < 15.4

References

https://support.apple.com/en-us/122377

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122372

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Jan 17, 2025