AI description
Generated using AI and has not been reviewed by Intruder. May contain errors.
CVE-2025-24160 is a vulnerability found in Apple's CoreAudio component. This vulnerability can be triggered by parsing a specially crafted file, which may lead to an unexpected termination of the application that is processing the file. The issue was addressed by Apple with improved checks within CoreAudio. This vulnerability affects various Apple operating systems, including iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, and tvOS 18.3. The vulnerability was discovered and reported by Google's Threat Analysis Group.
- Description
- The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.
- Source
- product-security@apple.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-404
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
6