Vulnerability Analysis
CVE-2025-24085
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
CISA KEV
CVSS Base Score
10.0
CRITICAL
Exploitability:3.9
Impact Score:6.1
Temporal Score:-
EPSS:19.72%
Threat Intelligence Signals
CISA KEV
YES
KEV Date Added
2025-01-29
Ransomware Use
Unknown
KEV Due Date
2025-02-19
VulnCheck In-the-Wild
No
Nuclei Template
No
EPSS Score
19.720%
EPSS Percentile
97.1th pct
GHSA ID
GitHub Severity
HIGH
Identity & Timeline
| Status | - |
| Assigning Authority | - |
| CVSS Version / Source | - |
| Reserved | - |
| Published | - |
| Patch Date (date_public) | - |
| Exploit DB Date | - |
| First GitHub PoC Date | - |
| Last Updated | - |
| Time to Patch (Days to fix) | - |
| Exploit Release Gap | - |
| PoC Release Gap | - |
| Exploit DB References | None identified |
Affected Products & Versions
| Vendor | Product | Affected Versions |
|---|---|---|
| No affected products specified. | ||
Social Buzz