CVE-2025-24269
Published: 31 March 2025
Summary
CVE-2025-24269 is a critical-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Apple Macos. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 26.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-6 (Resource Availability) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses memory handling vulnerabilities by implementing controls to minimize the impact of flaws like uncontrolled resource consumption leading to system termination.
Ensures timely remediation of identified flaws, such as this memory handling issue fixed in macOS Sequoia 15.4, preventing exploitation.
Protects critical system resources like memory from unauthorized depletion or degradation, mitigating uncontrolled resource consumption attacks causing DoS.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability enables remote network exploitation of macOS memory handling leading to system termination (DoS) with potential broader compromise, directly mapping to public-facing app exploitation and application/system exploitation for DoS.
NVD Description
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to cause unexpected system termination.
Deeper analysisAI
CVE-2025-24269 is a vulnerability addressed through improved memory handling in macOS. It affects versions of macOS prior to Sequoia 15.4 and is associated with CWE-400 (Uncontrolled Resource Consumption). The core issue allows an app to cause unexpected system termination, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to high impacts across confidentiality, integrity, and availability.
A remote attacker with no privileges or user interaction can exploit this vulnerability over the network with low complexity. Exploitation enables high-impact effects, including unauthorized access to sensitive data (C:H), modification of system resources (I:H), and disruption of services such as unexpected system termination (A:H), potentially leading to denial of service or broader compromise.
Apple's advisory confirms the issue is fixed in macOS Sequoia 15.4. Mitigation requires updating affected systems to this version. Additional details are available in the Apple security update at https://support.apple.com/en-us/122373 and the Full Disclosure mailing list posting at http://seclists.org/fulldisclosure/2025/Apr/8.
Details
- CWE(s)