CVE-2025-24266
Published: 31 March 2025
Description
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Security Summary
CVE-2025-24266 is a buffer overflow vulnerability (CWE-120) addressed through improved bounds checking in macOS. It affects macOS Sequoia versions prior to 15.4, macOS Sonoma versions prior to 14.7.5, and macOS Ventura versions prior to 13.7.5. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity.
A remote attacker can exploit this vulnerability over the network with low attack complexity, requiring no privileges, authentication, or user interaction. Exploitation by an app can cause unexpected system termination, with potential for high impacts on confidentiality, integrity, and availability.
Apple security updates macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5 resolve the issue. Practitioners should prioritize patching affected systems, with further details in Apple's advisories at https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375, and full disclosure postings at http://seclists.org/fulldisclosure/2025/Apr/10 and http://seclists.org/fulldisclosure/2025/Apr/8.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a remotely exploitable buffer overflow (CWE-120) in macOS OS software with network vector, no authentication, no privileges, and no user interaction required, directly enabling exploitation of remote services for code execution or system impact as described in T1210.