Web Content Processing Flaw in Apple Products
CVE-2025-24162

6.5MEDIUM

Key Information:

Vendor: Apple
Status: Visionos; TV OS; Mac OS; Safari
Vendor: CVE Published:; 27 January 2025

Summary

This vulnerability pertains to a flaw in the processing of specially crafted web content across various Apple products. This issue can lead to unexpected process crashes, affecting the usability and security of the devices involved. The flaw was addressed with improved state management techniques in recent software updates, ensuring more robust handling of web content.

Affected Version(s)

iOS and iPadOS < 18.3

macOS < 15.3

Safari < 18.3

References

https://support.apple.com/en-us/122073

https://support.apple.com/en-us/122072

https://support.apple.com/en-us/122068

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Jan 17, 2025