CVE-2025-24085
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
| Software | From | Fixed in |
|---|---|---|
| apple / iphone_os | - | 18.3 |
| apple / visionos | - | 2.3 |
| apple / watchos | - | 11.3 |
| apple / tvos | - | 18.3 |
| apple / ipados | - | 17.7.6 |
| apple / ipados | 18.0 | 18.3 |
| apple / macos | - | 13.7.5 |
| apple / macos | 14.0 | 14.7.5 |
| apple / macos | 15.0 | 15.3 |
- http://seclists.org/fulldisclosure/2025/Apr/10
- http://seclists.org/fulldisclosure/2025/Apr/5
- http://seclists.org/fulldisclosure/2025/Apr/9
- http://seclists.org/fulldisclosure/2025/Jan/12
- http://seclists.org/fulldisclosure/2025/Jan/13
- http://seclists.org/fulldisclosure/2025/Jan/15
- http://seclists.org/fulldisclosure/2025/Jan/19
- http://seclists.org/fulldisclosure/2025/Jun/19
- http://seclists.org/fulldisclosure/2025/Oct/1
- http://seclists.org/fulldisclosure/2025/Oct/23
- http://seclists.org/fulldisclosure/2025/Oct/30
- http://seclists.org/fulldisclosure/2025/Oct/31
- https://github.com/cisagov/vulnrichment/issues/194
- https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122071
- https://support.apple.com/en-us/122072
- https://support.apple.com/en-us/122073
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime