CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-24179: A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, visionOS 2.3, macOS...
5.5
CVSS
Description
A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, visionOS 2.3, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Sequoia 15.3, tvOS 18.3. An attacker on the local network may be able to cause a denial-of-service.
Classification
CVE ID: CVE-2025-24179
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.5
Problem Types
An attacker on the local network may be able to cause a denial-of-serviceAffected Products
Vendor: Apple
Product: visionOS, tvOS, macOS, iPadOS, iOS and iPadOS
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 4.68% (scored less or equal to compared to others)
EPSS Date: 2025-05-28 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2025-24179https://support.apple.com/en-us/122073
https://support.apple.com/en-us/122072
https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122372
https://support.apple.com/en-us/122374
https://support.apple.com/en-us/122066
https://support.apple.com/en-us/122375