CVE ID
CVE-2025-24085
Vulnerability Name
Apple Multiple Products Use-After-Free Vulnerability
- Project: Apple
- Product: Multiple Products
Date
- Date Added: 2025-01-29
- Due Date: 2025-02-19
Description
Apple iOS, macOS, and other Apple products contain a user-after-free vulnerability that could allow a malicious application to elevate privileges.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://support.apple.com/en-us/122066 ; https://support.apple.com/en-us/122068 ; https://support.apple.com/en-us/122071 ; https://support.apple.com/en-us/122072 ; https://support.apple.com/en-us/122073 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24085
Related Security News
- Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks
- Apple fixes new zero-day flaw exploited in targeted attacks
- Apple patches security flaw exploited in Chrome zero-day attacks
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
- Apple fixes two zero-days exploited in targeted iPhone attacks
- Apple backports zero-day patches to older iPhones and Macs
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Top comments (0)