CVE-2025-24085

A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.

CVSS v3 10.0 CRITICAL

10.0^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://support.apple.com/en-us/122066	Release Notes Vendor Advisory
https://support.apple.com/en-us/122068	Release Notes Vendor Advisory
https://support.apple.com/en-us/122071	Release Notes Vendor Advisory
https://support.apple.com/en-us/122072	Release Notes Vendor Advisory
https://support.apple.com/en-us/122073	Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2025/Apr/10	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Apr/5	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Apr/9	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Jan/12	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Jan/13	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Jan/15	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Jan/19	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Jun/19	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Oct/1	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Oct/23	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Oct/30	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Oct/31	Mailing List Third Party Advisory
https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201	Third Party Advisory
https://github.com/cisagov/vulnrichment/issues/194	Issue Tracking
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

14 Nov 2025, 13:52

Type	Values Removed	Values Added
References	~~() https://github.com/cisagov/vulnrichment/issues/194 -~~	() https://github.com/cisagov/vulnrichment/issues/194 - Issue Tracking
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 10.0

13 Nov 2025, 20:15

Type	Values Removed	Values Added
References		() https://github.com/cisagov/vulnrichment/issues/194 -

12 Nov 2025, 14:32

Type	Values Removed	Values Added
References	~~() https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 -~~	() https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 - Third Party Advisory

11 Nov 2025, 15:15

Type	Values Removed	Values Added
References		() https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 -

04 Nov 2025, 15:08

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2025/Apr/10 -~~	() http://seclists.org/fulldisclosure/2025/Apr/10 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Apr/5 -~~	() http://seclists.org/fulldisclosure/2025/Apr/5 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Apr/9 -~~	() http://seclists.org/fulldisclosure/2025/Apr/9 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Jan/12 -~~	() http://seclists.org/fulldisclosure/2025/Jan/12 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Jan/13 -~~	() http://seclists.org/fulldisclosure/2025/Jan/13 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Jan/15 -~~	() http://seclists.org/fulldisclosure/2025/Jan/15 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Jan/19 -~~	() http://seclists.org/fulldisclosure/2025/Jan/19 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Jun/19 -~~	() http://seclists.org/fulldisclosure/2025/Jun/19 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Oct/1 -~~	() http://seclists.org/fulldisclosure/2025/Oct/1 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Oct/23 -~~	() http://seclists.org/fulldisclosure/2025/Oct/23 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Oct/30 - Mailing List~~	() http://seclists.org/fulldisclosure/2025/Oct/30 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Oct/31 -~~	() http://seclists.org/fulldisclosure/2025/Oct/31 - Mailing List, Third Party Advisory

03 Nov 2025, 21:19

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Apr/10 - () http://seclists.org/fulldisclosure/2025/Apr/5 - () http://seclists.org/fulldisclosure/2025/Apr/9 - () http://seclists.org/fulldisclosure/2025/Jan/12 - () http://seclists.org/fulldisclosure/2025/Jan/13 - () http://seclists.org/fulldisclosure/2025/Jan/15 - () http://seclists.org/fulldisclosure/2025/Jan/19 -

03 Nov 2025, 20:17

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Jun/19 -

03 Nov 2025, 19:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Oct/1 -

03 Nov 2025, 18:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Oct/23 - () http://seclists.org/fulldisclosure/2025/Oct/31 -

30 Oct 2025, 15:51

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2025/Oct/30 -~~	() http://seclists.org/fulldisclosure/2025/Oct/30 - Mailing List

30 Oct 2025, 03:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Oct/30 -

23 Oct 2025, 18:50

Type	Values Removed	Values Added
References	~~() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085 -~~	() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085 - US Government Resource

21 Oct 2025, 23:16

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085 -

21 Oct 2025, 20:20

Type	Values Removed	Values Added
References	~~{'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}~~

21 Oct 2025, 19:21

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085 -

29 Jan 2025, 16:56

Type	Values Removed	Values Added
References	~~() https://support.apple.com/en-us/122066 -~~	() https://support.apple.com/en-us/122066 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/122068 -~~	() https://support.apple.com/en-us/122068 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/122071 -~~	() https://support.apple.com/en-us/122071 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/122072 -~~	() https://support.apple.com/en-us/122072 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/122073 -~~	() https://support.apple.com/en-us/122073 - Release Notes, Vendor Advisory
First Time		Apple watchos Apple visionos Apple iphone Os Apple Apple tvos Apple macos Apple ipados
CPE		cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:visionos:::::::: cpe:2.3:o:apple:watchos:::::::: cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:macos::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~7.3~~	v2 : unknown v3 : 7.8

29 Jan 2025, 15:15

Type	Values Removed	Values Added
CWE	~~CWE-276~~	CWE-416
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 7.3

28 Jan 2025, 16:15

Type	Values Removed	Values Added
CWE		CWE-276
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
Summary		(es) Se solucionó un problema de use after free con una mejor gestión de la memoria. Este problema se solucionó en visionOS 2.3, iOS 18.3 y iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3 y tvOS 18.3. Una aplicación maliciosa podría elevar privilegios. Apple tiene conocimiento de un informe que indica que este problema puede haberse explotado activamente contra versiones de iOS anteriores a iOS 17.2.

27 Jan 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-27 22:15

Updated : 2025-11-14 13:52

NVD link : CVE-2025-24085

Mitre link : CVE-2025-24085

CVE.ORG link : CVE-2025-24085

JSON object : View

Products Affected

apple

watchos
iphone_os
visionos
tvos
ipados
macos

CWE

CWE-416

Use After Free

10.0 /10