Login Sign Up

CVE-2025-24235

5.5 MEDIUM
Denial of Service

📋 TL;DR

A memory initialization vulnerability in macOS allows remote attackers to cause application crashes or heap corruption. This affects macOS Ventura, Sequoia, and Sonoma systems running vulnerable versions. The issue could lead to denial of service or potential code execution.

💻 Affected Systems

Products:
  • macOS
Versions: Versions prior to Ventura 13.7.5, Sequoia 15.4, Sonoma 14.7.5
Operating Systems: macOS Ventura, macOS Sequoia, macOS Sonoma
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected macOS versions are vulnerable

📦 What is this software?

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise

🟠

Likely Case

Application crashes causing denial of service

🟢

If Mitigated

Limited to application termination with no data loss

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Remote exploitation possible but requires specific conditions

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5

Vendor Advisory: https://support.apple.com/en-us/122373

Restart Required: Yes

Instructions:

1. Open System Settings 2. Click General 3. Click Software Update 4. Install available updates 5. Restart when prompted

🔧 Temporary Workarounds

Network segmentation

all

Restrict network access to vulnerable systems

🧯 If You Can't Patch

  • Implement strict network access controls
  • Monitor for application crashes and suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check macOS version in System Settings > General > About

Check Version:

sw_vers

Verify Fix Applied:

Verify macOS version is Ventura 13.7.5, Sequoia 15.4, or Sonoma 14.7.5 or later

📡 Detection & Monitoring

Log Indicators:

  • Unexpected application terminations
  • Crash reports in Console.app

Network Indicators:

  • Unusual network traffic to macOS systems

SIEM Query:

source="macos" AND (event="crash" OR event="termination")

📊 Metadata

CVE ID: CVE-2025-24235
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-400
EPSS Score: 0.31% exploit probability (54th percentile)
Published: March 31, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-24235, you might also want to check these:

CVE-2024-45166 9.8

UCI IDOL2 through version 2.12 contains multiple memory corruption vulnerabilities due to improper i...

Same vulnerability type (CWE-400)
CVE-2025-61303 9.8

This vulnerability in Hatching Triage Sandbox allows malware samples to evade detection by recursive...

Same vulnerability type (CWE-400)
CVE-2024-39462 9.8

This is a Linux kernel memory corruption vulnerability in the BCM2711 DVP clock driver where array b...

Same vulnerability type (CWE-400)