CVE-2025-24132
The issue was addressed with improved memory handling. This issue
Description
Description
The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Affected Vendors & Products
| Vendor | Product | Version |
|---|---|---|
| apple | airplay_audio_software_development_kit | to 2.7.1 (exc) |
| apple | airplay_video_software_development_kit | to 3.6.0.126 (exc) |
| apple | carplay_communication_plug-in | to r18.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
How can this vulnerability impact me? :
What immediate steps should I take to mitigate this vulnerability?
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart
Meta Information
CVE Publication Date:
2025-04-30
CVE Last Modified Date:
2025-05-12
Report Generation Date:
2025-11-04
AI Powered Q&A Generation:
2025-05-01
EPSS Last Evaluated Date:
2025-08-20
NVD Report Link: