Cyber Resilience

CVE-2025-24257

High

Published: 31 March 2025

Published
31 March 2025
Modified
02 April 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
EPSS Score 0.0006 19.7th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-24257 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple Ipados. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 19.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-24257 is an out-of-bounds write vulnerability (CWE-787) that was addressed through improved input validation in multiple Apple operating systems. It affects versions of iOS prior to 18.4, iPadOS prior to 18.4, macOS Sequoia prior to 15.4, visionOS prior to 2.4, and watchOS prior to 11.4. The flaw allows a malicious app to potentially cause unexpected system termination or write to kernel memory, earning a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H).

A local attacker with no privileges can exploit this vulnerability by convincing a user to interact with a malicious app, such as through social engineering to install or execute it. Successful exploitation enables high-impact integrity and availability disruption, including kernel memory corruption or system crashes, though it does not provide confidentiality gains or privilege escalation beyond the local context.

Apple's security advisories, detailed in support documents such as https://support.apple.com/en-us/122371, https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122376, and https://support.apple.com/en-us/122378, confirm the issue was fixed in the listed software updates. Mitigation requires applying these patches promptly to vulnerable devices. Additional details appear in a Full Disclosure mailing list post at http://seclists.org/fulldisclosure/2025/Apr/12.

EU & UK References

Vulnerability details

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination or write kernel…

more

memory.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
T1565.003 Runtime Data Manipulation Impact
Adversaries may modify systems in order to manipulate the data as it is accessed and displayed to an end user, thus threatening the integrity of the data.
Why these techniques?

Vulnerability enables malicious app to cause system termination via exploitation (T1499.004) and kernel memory corruption for runtime data manipulation (T1565.003).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-43656Same product: Apple Ipados
CVE-2026-20616Same product: Apple Ipados
CVE-2025-24154Same product: Apple Ipados
CVE-2026-28944Same product: Apple Ipados
CVE-2025-43300Same product: Apple Ipados
CVE-2025-43202Same product: Apple Ipados
CVE-2025-43209Same product: Apple Ipados
CVE-2023-43010Same product: Apple Ipados
CVE-2024-54543Same product: Apple Ipados
CVE-2026-20652Same product: Apple Ipados

Affected Assets

apple
ipados
≤ 18.4
apple
iphone os
≤ 18.4
apple
macos
15.0 — 15.4
apple
visionos
≤ 2.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the out-of-bounds write vulnerability by enforcing improved input validation to prevent malicious app inputs from corrupting kernel memory.

prevent

Mandates timely patching of known flaws, such as applying the iOS 18.4 and equivalent updates that remediate this specific CVE.

prevent

Provides memory protections like address space randomization and executable space protection to mitigate exploitation of out-of-bounds writes targeting kernel memory.

References