CVE-2025-24211

Published Mar 31, 2025

Last updated 4 days ago

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-24211 is a memory corruption vulnerability affecting Apple products, specifically related to processing video files. The vulnerability lies within the Video File Handler component of macOS, tvOS, iPadOS, and visionOS. The vulnerability is triggered when processing a maliciously crafted video file, which can lead to unexpected application termination or corruption of process memory. The issue is addressed through improved memory handling in the patched versions of the operating systems.

Description
This issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Source
product-security@apple.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-400

Social media

Hype score
Not currently trending