Cyber Resilience

CVE-2024-54546

High

Published: 10 March 2025

Published
10 March 2025
Modified
14 March 2025
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score 0.0021 44.0th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-54546 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Apple Macos. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 44.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-54546 is a memory handling vulnerability affecting macOS versions prior to Sequoia 15. The issue, classified under CWE-400 (Uncontrolled Resource Consumption), was addressed through improved memory management in the kernel. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N), indicating high integrity impact with no confidentiality or availability effects.

The vulnerability can be exploited by an unprivileged attacker over the network with low complexity and no user interaction required. A malicious app can trigger the flaw to corrupt kernel memory or cause unexpected system termination, potentially enabling further kernel-level disruptions or persistence mechanisms.

Apple's security advisory at https://support.apple.com/en-us/121238 confirms the fix in macOS Sequoia 15, recommending users update to the patched version to mitigate the issue. No additional workarounds are specified in available details.

EU & UK References

Vulnerability details

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause unexpected system termination or corrupt kernel memory.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Kernel memory corruption from user-space malicious app directly enables privilege escalation to kernel level; potential persistence is a secondary effect.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2024-54509Same product: Apple Macos
CVE-2025-24176Same product: Apple Macos
CVE-2025-24267Same product: Apple Macos
CVE-2026-20658Same product: Apple Macos
CVE-2025-24170Same product: Apple Macos
CVE-2025-24255Same product: Apple Macos
CVE-2025-30449Same product: Apple Macos
CVE-2026-28923Same product: Apple Macos
CVE-2025-43257Same product: Apple Macos
CVE-2026-28840Same product: Apple Macos

Affected Assets

apple
macos
≤ 15.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the specific kernel memory handling flaw through timely flaw identification, reporting, and patching as provided in macOS Sequoia 15.

prevent

Implements controls designed to minimize the impact of memory-based attacks, comprehensively addressing kernel memory corruption exploited by this vulnerability.

prevent

Prohibits or controls user-installed software to prevent malicious apps from being installed and triggering the kernel memory corruption.

References