CVE-2025-24118

moderate-risk

Published 2025-01-27

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.

Do I need to act?

27.0% chance of exploitation in next 30 days

EPSS score — higher than 73% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.1/10 High

LOCAL / LOW complexity

Affected Products (2)

Ipados

Macos

Affected Vendors

Apple

References (6)

Release Notes https://support.apple.com/en-us/122067

Release Notes https://support.apple.com/en-us/122068

Release Notes https://support.apple.com/en-us/122069

http://seclists.org/fulldisclosure/2025/Jan/14

http://seclists.org/fulldisclosure/2025/Jan/15

http://seclists.org/fulldisclosure/2025/Jan/16

/ 100

moderate-risk

Severity 22/34 · High

Exploitability 15/34 · Moderate

Exposure 7/34 · Low