CVE-2025-24237

9.8 CRITICAL

📋 TL;DR

A buffer overflow in Apple operating systems lets a malicious app running on the device cause unexpected system termination (a crash) or potentially execute arbitrary code. It affects visionOS, macOS, iOS and iPadOS releases older than the fixed versions listed below. The root cause is insufficient bounds checking on attacker-influenced data; because exploitation requires attacker-controlled code to run on the device, the bug is not directly reachable over the network.

💻 Affected Systems

Products:
  • visionOS
  • macOS
  • iOS
  • iPadOS
Versions: All versions before visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4, iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5
Operating Systems: Apple visionOS, Apple macOS, Apple iOS, Apple iPadOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects multiple Apple operating systems across different version branches. All default configurations are vulnerable until patched.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about macOS →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary code execution triggered by a malicious app, leading to complete compromise of the device, data theft, or persistent malware installation.

🟠

Likely Case

Application-induced system crashes (denial of service) disrupting user productivity and system availability.

🟢

If Mitigated

Limited impact where only vetted apps can run (App Store-only installs, application allowlisting, sandboxing): exploitation requires attacker-controlled code to execute on the device, so controlling what can run removes most of the exposure.

🌐 Internet-Facing: MEDIUM - Requires malicious app installation but could be delivered through compromised app stores or social engineering.
🏢 Internal Only: LOW - Requires local application execution; network-based exploitation unlikely without user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires a malicious application to run on the device. No public exploit code was available at disclosure time. Turning a buffer overflow into reliable code execution, rather than a crash, typically demands significant memory-corruption expertise, so denial of service is the more likely outcome for an opportunistic attacker.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5

Vendor Advisory: https://support.apple.com/en-us/122371

Restart Required: Yes

Instructions:

1. On iOS, iPadOS and visionOS open Settings; on macOS open System Settings.
2. Go to General > Software Update.
3. Download and install the latest available update (at minimum macOS Sequoia 15.4, Sonoma 14.7.5 or Ventura 13.7.5, iOS/iPadOS 18.4, iPadOS 17.7.6, or visionOS 2.4).
4. Restart the device when prompted.

🔧 Temporary Workarounds

Application Restriction

all

Restrict installation of untrusted applications to reduce attack surface.

For macOS: System Settings > Privacy & Security > Allow apps downloaded from: App Store

🧯 If You Can't Patch

  • Implement application allowlisting (MDM restrictions on iOS/iPadOS/visionOS, App Store-only Gatekeeper policy on macOS) so that only vetted apps can execute
  • Keep current backups (for example Time Machine) so data lost to a crash or a compromise can be recovered; full-disk encryption (FileVault) does not mitigate this bug, but it limits what an attacker gains from a compromised or stolen device

🔍 How to Verify

Check if Vulnerable:

Check current OS version against affected versions list. For macOS: System Settings > General > About. For iOS/iPadOS: Settings > General > About.

Check Version:

  • macOS: run sw_vers -productVersion in Terminal, or open System Settings > General > About
  • iOS/iPadOS/visionOS: Settings > General > About > Version

Verify Fix Applied:

Verify that the installed OS version matches or exceeds the patched version for its release branch listed under Official Fix above (for example, macOS Sonoma 14.7.4 is vulnerable and 14.7.5 is fixed; a device still on an older branch with no listed fix, such as macOS 12, must be upgraded to a supported release).
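The branch-aware version check described above, as an added example that is not part of the advisory page or Apple's tooling. The fixed-release table is taken from the version list on this page; the mapping of a device to a release branch by its major version number is an assumption, and the inventory values passed to report at the bottom are constructed:

```shell
#!/bin/sh
# Added example (not from Apple or the advisory page): map a device's OS
# version to the fixed release for CVE-2025-24237 and report whether it is
# patched. The fixed-release table is taken from the advisory's version
# list; branching by major version number is an assumption.

# version_ge A B: succeed (0) if dotted version A >= B, fail (1) otherwise.
# Missing components count as 0, so 15.4 and 15.4.0 compare equal.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ax="${a%%.*}"; bx="${b%%.*}"
        ax="${ax:-0}"; bx="${bx:-0}"
        if [ "$ax" -gt "$bx" ]; then return 0; fi
        if [ "$ax" -lt "$bx" ]; then return 1; fi
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 0
}

# fixed_version PLATFORM VERSION: print the first fixed release for the
# branch VERSION belongs to, or nothing if the advisory lists no fix for
# that branch (older branches must be upgraded, not patched in place).
fixed_version() {
    major="${2%%.*}"
    case "$1:$major" in
        macos:15)   printf '15.4\n' ;;
        macos:14)   printf '14.7.5\n' ;;
        macos:13)   printf '13.7.5\n' ;;
        ios:18)     printf '18.4\n' ;;
        ipados:18)  printf '18.4\n' ;;
        ipados:17)  printf '17.7.6\n' ;;
        visionos:2) printf '2.4\n' ;;
        *)          : ;;
    esac
}

# is_patched PLATFORM VERSION: succeed if VERSION is at or past the fixed
# release for its branch; fail if it is older or on a branch with no fix.
is_patched() {
    fixed="$(fixed_version "$1" "$2")"
    [ -n "$fixed" ] || return 1
    version_ge "$2" "$fixed"
}

# report PLATFORM VERSION: one human-readable line per device.
report() {
    if is_patched "$1" "$2"; then
        printf '%s %s: fixed (CVE-2025-24237)\n' "$1" "$2"
    else
        fixed="$(fixed_version "$1" "$2")"
        printf '%s %s: VULNERABLE, update to %s\n' "$1" "$2" "${fixed:-a supported release}"
    fi
}

# Constructed inventory values for a self-check (not real device data).
report macos 15.3.2
report macos 14.7.5
report ipados 17.7.6
report ios 17.7.2

# On a Mac, also check the running system; sw_vers exists only on macOS.
if command -v sw_vers >/dev/null 2>&1; then
    report macos "$(sw_vers -productVersion)"
fi
```

On macOS the same check can be followed by the fix from the command line: `softwareupdate --list` shows the pending updates and `sudo softwareupdate --install --all --restart` installs them and reboots. For fleet use, feed each device's platform and version from your MDM export into report and alert on lines containing VULNERABLE.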

📡 Detection & Monitoring

Log Indicators:

  • Unexpected application crashes, visible as ReportCrash reports under ~/Library/Logs/DiagnosticReports (or /Library/Logs/DiagnosticReports for system processes)
  • Kernel panic reports (/Library/Logs/DiagnosticReports/*.panic) whose panic string points at memory corruption rather than a hardware or watchdog cause
  • Crash reports with memory-corruption exception types (EXC_BAD_ACCESS with KERN_INVALID_ADDRESS or KERN_PROTECTION_FAILURE) attributed to a recently installed app

Network Indicators:

  • Unusual outbound connections from recently installed applications
  • Traffic to known malicious app distribution sites

SIEM Query:

source="apple_system_logs" AND ("panic" OR "EXC_BAD_ACCESS" OR "segmentation fault") AND NOT process="legitimate_system_process"

Pseudo-syntax: replace source with your own log index and the process exclusion with an allowlist of processes known to crash benignly. Do not use a bare "kernel" term, which matches nearly every kernel log line and will swamp the results.
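The triage behind the log indicators and the query above, as an added example that is neither from the advisory page nor from Apple: a first-pass filter that keeps only crash and panic lines carrying memory-corruption markers and drops known-benign panic causes. The pattern lists are assumptions drawn from the usual fields of Apple panic and crash reports, and the sample log lines are constructed (addresses and process names are made up):

```shell
#!/bin/sh
# Added example (not from the advisory page or Apple): first-pass triage of
# macOS crash/panic log lines for memory-corruption indicators of the kind a
# CVE-2025-24237 trigger would leave. The pattern lists are assumptions
# drawn from common Apple crash and panic report fields.

# Report fields that point at memory corruption rather than an ordinary error.
CORRUPTION_PATTERNS='panic\(cpu|Kernel data abort|Kernel instruction fetch abort|EXC_BAD_ACCESS|KERN_INVALID_ADDRESS|KERN_PROTECTION_FAILURE'

# Known-benign panic causes to drop so the triage list stays short
# (assumption: tune this allowlist per fleet).
BENIGN_PATTERNS='watchdog timeout|Sleep Wake failure'

# scan_crash_indicators: read log lines on stdin, print those that match a
# corruption pattern and none of the benign patterns.
scan_crash_indicators() {
    grep -E "$CORRUPTION_PATTERNS" | grep -Ev "$BENIGN_PATTERNS" || true
}

# count_crash_indicators: same filter, print only the number of hits
# (suitable for a threshold alert).
count_crash_indicators() {
    scan_crash_indicators | awk 'END { print NR }'
}

# CONSTRUCTED sample lines in the shape of panic reports, ReportCrash output
# and ordinary app log noise; addresses and process names are made up.
SAMPLE_LOG='panic(cpu 4 caller 0xfffffe0012345678): Kernel data abort. at pc 0xfffffe0011223344, lr 0xfffffe0011223300
Process: exampleapp [4321]  Exception Type: EXC_BAD_ACCESS (SIGSEGV)  Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000010
panic(cpu 0 caller 0xfffffe0012000000): watchdog timeout: no checkins from watchdogd in 90 seconds
Safari[812]: Assertion failed: unexpected nil layout node
Process: exampleapp [4399]  Exception Type: EXC_BAD_ACCESS (SIGBUS)  Exception Codes: KERN_PROTECTION_FAILURE at 0x00007ff812345000'

# Run the filter over the sample: three of the five lines are kept, the
# watchdog panic is dropped as benign and the Safari assertion never matches.
printf '%s\n' "$SAMPLE_LOG" | scan_crash_indicators
printf 'indicator lines: %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | count_crash_indicators)"

# Live usage on a Mac (skipped elsewhere): on-disk panic reports plus the
# last day of panic/ReportCrash messages from unified logging.
if [ "$(uname)" = "Darwin" ]; then
    ls /Library/Logs/DiagnosticReports/*.panic 2>/dev/null || true
    log show --last 1d --predicate 'eventMessage CONTAINS "panic" OR process == "ReportCrash"' \
        | scan_crash_indicators
fi
```

A single hit is not evidence of exploitation; what matters is the pairing the indicators above describe: a memory-corruption exception or panic attributed to, or immediately following, a recently installed app, repeated across devices. Feed the filtered lines into the SIEM alongside app-install events and alert when the two correlate.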
