Cyber Resilience

CVE-2025-24269

CriticalDDoS

Published: 31 March 2025

Published
31 March 2025
Modified
07 November 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0011 29.7th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-24269 is a critical-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Apple Macos. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-6 (Resource Availability) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-24269 is a vulnerability addressed through improved memory handling in macOS. It affects versions of macOS prior to Sequoia 15.4 and is associated with CWE-400 (Uncontrolled Resource Consumption). The core issue allows an app to cause unexpected system termination, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to high impacts across confidentiality, integrity, and availability.

A remote attacker with no privileges or user interaction can exploit this vulnerability over the network with low complexity. Exploitation enables high-impact effects, including unauthorized access to sensitive data (C:H), modification of system resources (I:H), and disruption of services such as unexpected system termination (A:H), potentially leading to denial of service or broader compromise.

Apple's advisory confirms the issue is fixed in macOS Sequoia 15.4. Mitigation requires updating affected systems to this version. Additional details are available in the Apple security update at https://support.apple.com/en-us/122373 and the Full Disclosure mailing list posting at http://seclists.org/fulldisclosure/2025/Apr/8.

EU & UK References

Vulnerability details

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to cause unexpected system termination.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Vulnerability enables remote network exploitation of macOS memory handling leading to system termination (DoS) with potential broader compromise, directly mapping to public-facing app exploitation and application/system exploitation for DoS.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-24247Same product: Apple Macos
CVE-2025-24260Same product: Apple Macos
CVE-2025-43193Same product: Apple Macos
CVE-2024-54546Same product: Apple Macos
CVE-2026-28908Same product: Apple Macos
CVE-2025-24265Same product: Apple Macos
CVE-2026-28842Same product: Apple Macos
CVE-2025-30444Same product: Apple Macos
CVE-2025-24139Same product: Apple Macos
CVE-2025-30437Same product: Apple Macos

Affected Assets

apple
macos
≤ 15.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses memory handling vulnerabilities by implementing controls to minimize the impact of flaws like uncontrolled resource consumption leading to system termination.

prevent

Ensures timely remediation of identified flaws, such as this memory handling issue fixed in macOS Sequoia 15.4, preventing exploitation.

prevent

Protects critical system resources like memory from unauthorized depletion or degradation, mitigating uncontrolled resource consumption attacks causing DoS.

References