Memory Handling Vulnerability in Apple Devices
CVE-2025-24158

6.5MEDIUM

Key Information:

Vendor: Apple
Status: Visionos; TV OS; Mac OS; Safari
Vendor: CVE Published:; 27 January 2025

Summary

A significant memory handling issue in multiple Apple platforms could potentially allow attackers to exploit web content processing, resulting in a denial-of-service. This vulnerability has been addressed in recent updates, ensuring that affected devices such as visionOS, Safari, iOS, iPadOS, macOS Sequoia, watchOS, and tvOS are now better protected against such threats.

Affected Version(s)

iOS and iPadOS < 18.3

macOS < 15.3

Safari < 18.3

References

https://support.apple.com/en-us/122073

https://support.apple.com/en-us/122072

https://support.apple.com/en-us/122068

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Jan 17, 2025