CVE-2025-30437
Published: 31 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-30437 is a bounds checking vulnerability (CWE-119) affecting macOS prior to Sequoia 15.4, where an app could corrupt coprocessor memory due to insufficient validation of input bounds. The issue was addressed through improved bounds checks, as detailed in Apple's security advisory.
Remote attackers can exploit this vulnerability over the network (AV:N) without privileges (PR:N) or user interaction (UI:N), though it requires high attack complexity (AC:H). Successful exploitation allows high-impact confidentiality (C:H) and integrity (I:H) violations with no availability impact (A:N) and unchanged scope (S:U), enabling an app to corrupt coprocessor memory, potentially leading to unauthorized data access or modification.
Apple's advisory at https://support.apple.com/en-us/122373 confirms the fix in macOS Sequoia 15.4, recommending immediate updates to mitigate the issue. Additional details appear in the Full Disclosure mailing list at http://seclists.org/fulldisclosure/2025/Apr/8.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote network-exploitable bounds checking vulnerability (CWE-119) in macOS allowing coprocessor memory corruption with no privileges or user interaction required directly maps to exploiting a public-facing application for initial access and code execution.