CVE-2025-24228
Published: 31 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-24228 is a buffer overflow vulnerability addressed by improved memory handling in macOS. It affects macOS Sequoia versions prior to 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. Published on 2025-03-31, the issue is linked to CWE-125 (Out-of-bounds Read) and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A local attacker can exploit this vulnerability through an app, requiring low complexity and user interaction but no special privileges. Successful exploitation enables the app to execute arbitrary code with kernel privileges, potentially leading to high impacts on confidentiality, integrity, and availability.
Apple security advisories confirm the issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. Mitigation involves updating affected systems to these or later versions, as detailed in support documents at https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375, and Full Disclosure mailing list entries at http://seclists.org/fulldisclosure/2025/Apr/10 and http://seclists.org/fulldisclosure/2025/Apr/8.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a local buffer overflow in macOS that allows an unprivileged app to achieve arbitrary code execution with kernel privileges, directly enabling T1068 Exploitation for Privilege Escalation.