AI description
CVE-2025-24211 is a memory corruption vulnerability affecting Apple products, specifically related to processing video files. The vulnerability lies within the Video File Handler component of macOS, tvOS, iPadOS, and visionOS. The vulnerability is triggered when processing a maliciously crafted video file, which can lead to unexpected application termination or corruption of process memory. The issue is addressed through improved memory handling in the patched versions of the operating systems.
- Description
- This issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
- Source
- product-security@apple.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-400
- Hype score
- Not currently trending
Apple macOS MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability ๐ CVE ID : CVE-2025-24211
@7h3h4ckv157
1 Apr 2025
1584 Impressions
1 Retweet
20 Likes
4 Bookmarks
0 Replies
0 Quotes
[ZDI-25-191|CVE-2025-24211] Apple macOS MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVSS 8.8; Credit: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative) https://t.co/K3yzgQqU4V
@TheZDIBugs
1 Apr 2025
2366 Impressions
3 Retweets
6 Likes
4 Bookmarks
0 Replies
0 Quotes