CVE-2025-24085
Description
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
Risk Information
Base Score
10.0
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
25.511
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in Mac OS - Ventura (Software Update) - AutoReboot (13.7.5) | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Sonoma (Software Update) - AutoReboot (14.7.5) | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-611601 | Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only) |
| PATCH-612607 | Mac OS - Sonoma 14.8.2 (Software Update)(Auto Reboot) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234