CVE-2024-54546

High

Published: 10 March 2025

Published

10 March 2025

Modified

14 March 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Score 0.0021 43.7th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-54546 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Apple Macos. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 43.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the specific kernel memory handling flaw through timely flaw identification, reporting, and patching as provided in macOS Sequoia 15.

SI-16 Memory Protection good match

prevent

Implements controls designed to minimize the impact of memory-based attacks, comprehensively addressing kernel memory corruption exploited by this vulnerability.

CM-11 User-installed Software partial match

prevent

Prohibits or controls user-installed software to prevent malicious apps from being installed and triggering the kernel memory corruption.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Kernel memory corruption from user-space malicious app directly enables privilege escalation to kernel level; potential persistence is a secondary effect.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

NVD Description

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause unexpected system termination or corrupt kernel memory.

Deeper analysisAI

CVE-2024-54546 is a memory handling vulnerability affecting macOS versions prior to Sequoia 15. The issue, classified under CWE-400 (Uncontrolled Resource Consumption), was addressed through improved memory management in the kernel. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N), indicating high integrity impact with no confidentiality or availability effects.

The vulnerability can be exploited by an unprivileged attacker over the network with low complexity and no user interaction required. A malicious app can trigger the flaw to corrupt kernel memory or cause unexpected system termination, potentially enabling further kernel-level disruptions or persistence mechanisms.

Apple's security advisory at https://support.apple.com/en-us/121238 confirms the fix in macOS Sequoia 15, recommending users update to the patched version to mitigate the issue. No additional workarounds are specified in available details.

Details

CWE(s): CWE-400

Affected Products

apple

macos

≤ 15.0

CVEs Like This One

CVE-2025-24267Same product: Apple Macos

CVE-2026-28817Same product: Apple Macos

CVE-2025-24277Same product: Apple Macos

CVE-2025-43193Same product: Apple Macos

CVE-2025-24234Same product: Apple Macos

CVE-2025-24255Same product: Apple Macos

CVE-2025-24170Same product: Apple Macos

CVE-2025-24228Same product: Apple Macos

CVE-2026-20658Same product: Apple Macos

CVE-2026-28821Same product: Apple Macos

References

https://support.apple.com/en-us/121238
Release Notes, Vendor Advisory · product-security@apple.com