CVE-2025-24237

CRITICAL

iPadOS < 17.7.6 - Buffer Overflow

Title source: llm
STIX 2.1

Description

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination.

Scores

CVSS v3 9.8
EPSS 0.0151
EPSS Percentile 71.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-120
Status published
Products (11)
Apple/iOS and iPadOS < 18.4
apple/ipados < 17.7.6
Apple/iPadOS < 17.7.6
apple/iphone_os < 18.4
Apple/macOS < 13.7.5
Apple/macOS < 14.7.5
Apple/macOS < 15.4
apple/macos 13.0 - 13.7.5
apple/visionos < 2.4
Apple/visionOS < 2.4
... and 1 more
Published Mar 31, 2025
Tracked Since Feb 18, 2026