CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2025-24085

CVSS 10.0v3.1pub. 2025-01-27upd. 2026-04-03

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.

🤖 AI Analysis
How it works

The use-after-free vulnerability (CWE-416) occurs when code references a memory area that has already been freed, leading to undefined system behavior. A malicious application installed on the device can trigger an appropriate sequence of operations to gain access to the freed memory segment and thus take control of code execution flow. This results in the ability to obtain higher system privileges than those to which the application is normally entitled. Apple resolved the issue by improving memory management mechanisms.

Impact

A malicious application installed on the device can perform privilege escalation, obtaining elevated system privileges. This can lead to complete takeover of the device, including compromise of confidentiality, integrity, and availability of data.

Mitigation & patch

Devices must be immediately updated to: iOS 18.3 or iPadOS 18.3 (or iPadOS 17.7.6 for older devices), macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. Details are available in official Apple security bulletins at the addresses indicated in the references.

Who is affected

iOS before version 18.3, iPadOS before versions 18.3 and 17.7.6, macOS Sequoia before 15.3, macOS Sonoma before 14.7.5, macOS Ventura before 13.7.5, tvOS before 18.3, visionOS before 2.3, watchOS before 11.3. Confirmed active attacks on iOS versions older than 17.2.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Apple iPadOS

    OS
    Apple
    < 17.7.618.0 – 18.3 (bez)
  • Apple iOS

    OS
    Apple
    < 18.3
  • Apple macOS

    OS
    Apple
    13.0 – 13.7.5 (bez)14.0 – 14.7.5 (bez)15.0 – 15.3 (bez)
  • Apple tvOS

    OS
    Apple
    < 18.3
  • Apple Visionos

    OS
    Apple
    < 2.3
  • Apple watchOS

    OS
    Apple
    < 11.3

CISA KEV — detailsi

Vendori
Apple
Producti
Multiple Products
Added to KEVi
January 29, 2025
Remediation deadline (US Federal)i
February 19, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Apple iOS, macOS, and other Apple products contain a user-after-free vulnerability that could allow a malicious application to elevate privileges.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 19 lutego 2025
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu

CVE-2025-31201CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach

CVE-2025-31200CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Apple — memory corruption (RCE) w przetwarzaniu strumieni audio

CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki