CVE-2025-24155
Description
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to disclose kernel memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory handling flaw in macOS allows an app to read kernel memory, potentially leaking sensitive data. Patched in macOS Ventura 13.7.6, Sonoma 14.7.6, and Sequoia 15.3.
Vulnerability Details
CVE-2025-24155 is a kernel memory disclosure vulnerability in macOS that arises from improper memory handling within the operating system. The flaw is present in macOS Ventura, Sonoma, and Sequoia prior to the specified updates, and it can be exploited by an unsandboxed application running on the same device.[1][2][3]
Attack Vector and Exploitation
An attacker who can execute a malicious or compromised app on the target system can leverage this memory handling issue to read portions of kernel memory. No special privileges beyond app execution are required, and the attack does not require user interaction beyond the initial app execution. The vulnerability is triggered locally, not over the network, and does not rely on network-based attack vectors such as AFP server connections.
Impact
Successful exploitation of CVE-2025-24155 allows an unprivileged app to read kernel memory, which may contain sensitive information such as cryptographic keys, process credentials, or other privileged data. This information disclosure could serve as a stepping stone for further attacks, including privilege escalation or bypassing security mechanisms. The vulnerability is rated Medium (CVSS 5.5) by Apple, reflecting the local access requirement and the potential for significant information leak.
Mitigation
Apple has addressed this issue with improved memory handling in macOS Ventura 13.7.6, macOS Sonoma 14.7.6, and macOS Sequoia 15.3. Users are strongly advised to update to the latest available version for their macOS release. No workarounds have been publicly disclosed, and there is no evidence that this vulnerability is being actively exploited in the wild as of the publication date.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (0)
No patches discovered yet.
References (5)
- support.apple.com/en-us/122068 (nvd; Release Notes, Vendor Advisory)
- support.apple.com/en-us/122717 (nvd; Release Notes, Vendor Advisory)
- support.apple.com/en-us/122718 (nvd; Release Notes, Vendor Advisory)
- seclists.org/fulldisclosure/2025/May/8 (nvd)
- seclists.org/fulldisclosure/2025/May/9 (nvd)