Cyber Posture

CVE-2025-24265

Critical

Published: 31 March 2025

Published
31 March 2025
Modified
02 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0015 35.5th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-24265 is a critical-severity Out-of-bounds Read (CWE-125) vulnerability in Apple Macos. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 35.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Application or System Exploitation (T1499.004). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mandates timely patching of known flaws like this out-of-bounds read vulnerability fixed in macOS updates 15.4, 14.7.5, and 13.7.5.

SI-16 Memory Protection good match
prevent

Implements memory safeguards including bounds checking to prevent exploitation of out-of-bounds read vulnerabilities that cause system termination.

SI-11 Error Handling partial match
prevent

Ensures secure error handling to mitigate unexpected system termination resulting from out-of-bounds read errors without fully addressing the underlying memory access flaw.

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
attack.mitre.org →
Why these techniques?

The out-of-bounds read vulnerability allows remote unauthenticated exploitation leading to system termination, directly enabling application or system exploitation for endpoint denial of service.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

NVD Description

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.

Deeper analysisAI

CVE-2025-24265 is an out-of-bounds read vulnerability (CWE-125) addressed through improved bounds checking in macOS. It affects macOS Sequoia prior to version 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5.

The vulnerability carries a CVSS v3.1 base score of 9.8 (Critical), indicating a network-based attack vector with low attack complexity, no required privileges or user interaction, and unchanged scope. A remote, unauthenticated attacker can exploit it via a malicious app to cause unexpected system termination, with high impacts on confidentiality, integrity, and availability.

Apple's security advisories confirm the issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. Mitigation requires updating to these patched versions, as detailed in support documents such as https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, and https://support.apple.com/en-us/122375, along with full disclosure notices on seclists.org.

Details

CWE(s)
CWE-125

Affected Products

apple
macos
13.0 — 13.7.5 · 14.0 — 14.7.5 · 15.0 — 15.4

CVEs Like This One

CVE-2024-44199Same product: Apple Macos
CVE-2026-20620Same product: Apple Macos
CVE-2026-28842Same product: Apple Macos
CVE-2026-28832Same product: Apple Macos
CVE-2025-24228Same product: Apple Macos
CVE-2025-24139Same product: Apple Macos
CVE-2025-43244Same product: Apple Macos
CVE-2025-24196Same product: Apple Macos
CVE-2025-24256Same product: Apple Macos
CVE-2026-20639Same product: Apple Macos

References