CVE-2025-24154

Critical

Published: 27 January 2025

Published

27 January 2025

Modified

02 April 2026

KEV Added

—

Patch

—

CVSS Score 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

EPSS Score 0.0031 53.8th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-24154 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Apple Macos. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 46.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly mandates validation of inputs to prevent out-of-bounds writes in kernel memory from malformed network data.

SI-2 Flaw Remediation good match

prevent

Requires timely identification, reporting, and patching of flaws like this kernel vulnerability fixed in Apple OS updates.

SI-16 Memory Protection partial match

prevent

Implements memory protection mechanisms to restrict unauthorized kernel memory modifications from out-of-bounds writes.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Kernel-level out-of-bounds write enabling remote memory corruption that serves as a primitive for privilege escalation.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

NVD Description

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, visionOS 2.3. An attacker may be able to cause unexpected system termination…

or corrupt kernel memory.

Deeper analysisAI

CVE-2025-24154 is an out-of-bounds write vulnerability (CWE-787, CWE-757) that was addressed through improved input validation in multiple Apple operating systems. The affected software includes iOS versions prior to 18.3, iPadOS versions prior to 18.3, macOS Sequoia versions prior to 15.3, macOS Sonoma versions prior to 14.7.3, macOS Ventura versions prior to 13.7.3, and visionOS versions prior to 2.3. Published on January 27, 2025, the flaw resides at the kernel level, enabling potential memory corruption.

The vulnerability carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H), indicating it is exploitable over the network with low complexity, no privileges or user interaction required, and unchanged scope. Remote, unauthenticated attackers can leverage it to cause unexpected system termination or corrupt kernel memory, resulting in high-impact availability disruption or integrity violations that could facilitate denial-of-service or serve as a primitive for further kernel exploitation.

Apple's security advisories, detailed in support documents such as https://support.apple.com/en-us/122066, https://support.apple.com/en-us/122068, https://support.apple.com/en-us/122069, https://support.apple.com/en-us/122070, and https://support.apple.com/en-us/122073, confirm the issue is fixed in the listed updates. Mitigation requires immediate patching to iOS 18.3/iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, or visionOS 2.3, with no additional workarounds specified.

Details

CWE(s): CWE-787 CWE-757

Affected Products

apple

ipados

≤ 18.3

apple

iphone os

≤ 18.3

apple

macos

≤ 13.7.3 · 14.0 — 14.7.3 · 15.0 — 15.3

apple

visionos

≤ 2.3

CVEs Like This One

CVE-2026-20688Same product: Apple Ipados

CVE-2026-20615Same product: Apple Ipados

CVE-2026-20677Same product: Apple Ipados

CVE-2026-20626Same product: Apple Ipados

CVE-2026-20698Same product: Apple Ipados

CVE-2025-31184Same product: Apple Ipados

CVE-2025-24173Same product: Apple Ipados

CVE-2026-20616Same product: Apple Ipados

CVE-2024-54517Same product: Apple Ipados

CVE-2025-24118Same product: Apple Ipados

References

https://support.apple.com/en-us/122066
Release Notes, Vendor Advisory · product-security@apple.com
https://support.apple.com/en-us/122068
Release Notes, Vendor Advisory · product-security@apple.com
https://support.apple.com/en-us/122069
Release Notes, Vendor Advisory · product-security@apple.com
https://support.apple.com/en-us/122070
Release Notes, Vendor Advisory · product-security@apple.com
https://support.apple.com/en-us/122073
Release Notes, Vendor Advisory · product-security@apple.com
http://seclists.org/fulldisclosure/2025/Jan/13
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2025/Jan/15
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2025/Jan/16
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2025/Jan/17
af854a3a-2127-422b-91ae-364da2661108