Cyber Resilience

CVE-2024-54509

High

Published: 27 January 2025

Published
27 January 2025
Modified
02 April 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0007 20.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-54509 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple Macos. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 20.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-54509 is an out-of-bounds write vulnerability (CWE-787) in macOS, stemming from insufficient input validation. It affects macOS Sequoia prior to version 15.2 and macOS Sonoma prior to versions 14.7.2 and 14.7.3. The issue was publicly disclosed on January 27, 2025, and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts.

A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation allows an malicious app to cause unexpected system termination or arbitrarily write to kernel memory, potentially enabling kernel code execution, privilege escalation, or persistent system compromise.

Apple's security advisories detail the fix through improved input validation, available in macOS Sequoia 15.2, macOS Sonoma 14.7.2, and macOS Sonoma 14.7.3. Security practitioners should prioritize updating affected systems, as referenced in Apple's support pages (e.g., HT121839, HT121840, HT122069) and related disclosures.

EU & UK References

Vulnerability details

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Out-of-bounds write enabling local kernel memory corruption and arbitrary write, directly facilitating privilege escalation via exploitation of a software vulnerability.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-30464Same product: Apple Macos
CVE-2025-24231Same product: Apple Macos
CVE-2025-24273Same product: Apple Macos
CVE-2026-28825Same product: Apple Macos
CVE-2025-24170Same product: Apple Macos
CVE-2026-28923Same product: Apple Macos
CVE-2024-54546Same product: Apple Macos
CVE-2025-43257Same product: Apple Macos
CVE-2024-40849Same product: Apple Macos
CVE-2026-28925Same product: Apple Macos

Affected Assets

apple
macos
≤ 14.7.2 · 15.0 — 15.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires input validation to prevent out-of-bounds writes from insufficiently validated inputs targeting kernel memory.

prevent

Mandates timely flaw remediation through patching to the fixed macOS versions that address this specific vulnerability.

prevent

Implements memory protection mechanisms to mitigate exploitation of out-of-bounds writes even if input validation fails.

References