Memory Handling Vulnerability in Apple Operating Systems
CVE-2025-24244
5.5MEDIUM
Key Information:
- Vendor
- Apple
- Vendor
- CVE Published:
- 31 March 2025
Summary
A memory handling vulnerability has been identified in various Apple operating systems. By processing a specially crafted font, an attacker may exploit this flaw, potentially leading to the disclosure of sensitive process memory. Users are encouraged to update to the latest versions of macOS, iOS, tvOS, and iPadOS to mitigate this issue and enhance system security.
Affected Version(s)
iOS and iPadOS < 18.4
iPadOS < 17.7
macOS < 15.4
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved