CVE-2025-24190

216.73.217.22

· Published 31/03/2025 23:15 · Modified 01/04/2025 20:26

Labels: CVE-2025-24190 2025-03-31 CVE-2025-24190 CWE-400 [email protected]

Essential information

Published: 31/03/2025 23:15
Modified: 01/04/2025 20:26
Author: —
Creator: —
CVSS: 9.8 CRITICAL (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
apple / visionos	`cpe:2.3:o:apple:visionos:2.4:::::::*`
apple / macos ventura	`cpe:2.3:o:apple:macos_ventura:13.7.5:::::::*`
apple / tvos	`cpe:2.3:o:apple:tvos:18.4:::::::*`
apple / ipados	`cpe:2.3:o:apple:ipados:17.7.6:::::::*`
apple / ios	`cpe:2.3:o:apple:ios:18.4:::::::*`
apple / macos sequoia	`cpe:2.3:o:apple:macos_sequoia:15.4:::::::*`
apple / macos sonoma	`cpe:2.3:o:apple:macos_sonoma:14.7.5:::::::*`