CVE-2025-24260
Published: 31 March 2025
Summary
CVE-2025-24260 is a critical-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Apple Macos. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 32.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the memory handling vulnerability by requiring timely remediation through application of vendor patches like macOS Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5.
Implements memory protection mechanisms that mitigate exploitation of memory handling flaws classified as CWE-400 uncontrolled resource consumption.
Provides denial-of-service protections tailored to resource exhaustion attacks from this remotely exploitable memory vulnerability with high availability impact.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated memory handling vulnerability with high confidentiality, integrity, and availability impact enables exploitation of public-facing applications or services on macOS for initial access or system impact.
NVD Description
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a privileged position may be able to perform a denial-of-service.
Deeper analysisAI
CVE-2025-24260 is a memory handling vulnerability, classified under CWE-400 (Uncontrolled Resource Consumption), affecting macOS Sequoia prior to version 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. Published on 2025-03-31, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for remote exploitation with low complexity and no user interaction or privileges required.
An attacker in a privileged position may exploit this vulnerability to perform a denial-of-service, aligning with the high availability impact in the CVSS score, though the vector also indicates high confidentiality and integrity impacts.
Apple advisories confirm the issue was addressed through improved memory handling in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. Mitigation involves applying these updates, as detailed in support documents at https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375, and Full Disclosure mailing list entries at http://seclists.org/fulldisclosure/2025/Apr/10 and http://seclists.org/fulldisclosure/2025/Apr/8.
Details
- CWE(s)