Cyber Posture

CVE-2025-24247

Critical

Published: 31 March 2025
Modified: 02 April 2026
KEV Added:
Patch:
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0013 (32.1st percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-24247 is a critical-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Apple macOS. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 32.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- SI-2 (prevent): mandates timely identification, reporting, and patching of flaws like this type confusion vulnerability, directly preventing exploitation by applying the fixed macOS versions.
- SI-10 (prevent): requires validation of information inputs to detect and block malformed data that triggers type confusion leading to uncontrolled resource consumption and app crashes.
- SI-16 (prevent): enforces memory protection mechanisms that mitigate type confusion vulnerabilities by preventing unauthorized memory access and corruption resulting in high-impact C/I/A violations.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes a remotely exploitable type confusion vulnerability in macOS that requires no privileges or user interaction and can be triggered over the network, directly enabling T1190: Exploit Public-Facing Application for initial access and potential code execution or denial of service.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker may be able to cause unexpected app termination.

Deeper analysis

CVE-2025-24247 is a type confusion vulnerability addressed through improved checks in Apple macOS. It affects macOS Sequoia versions prior to 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. The issue is classified under CWE-400 (Uncontrolled Resource Consumption) and carries a CVSS v3.1 base score of 9.8, indicating critical severity due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and high impacts on confidentiality, integrity, and availability.

A remote attacker with no privileges or user interaction can exploit this vulnerability over the network. Successful exploitation may enable the attacker to cause unexpected application termination, potentially leading to broader system impacts aligned with the high CVSS scores for confidentiality, integrity, and availability violations.

Apple security advisories detail the fix via improved checks in the specified macOS updates: Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5. Practitioners should prioritize patching affected systems, with further details available in the referenced support pages and full disclosure announcements.

Details

CWE(s)

Affected Products

apple
macos
13.0 — 13.7.5 · 14.0 — 14.7.5 · 15.0 — 15.4

CVEs Like This One

- CVE-2025-43193 (same product: Apple macOS)
- CVE-2025-24260 (same product: Apple macOS)
- CVE-2025-24269 (same product: Apple macOS)
- CVE-2025-30437 (same product: Apple macOS)
- CVE-2025-43237 (same product: Apple macOS)
- CVE-2024-54546 (same product: Apple macOS)
- CVE-2025-30452 (same product: Apple macOS)
- CVE-2025-31194 (same product: Apple macOS)
- CVE-2025-24253 (same product: Apple macOS)
- CVE-2025-24256 (same product: Apple macOS)

References