CVE-2025-24085 - Apple Multiple Products Use-After-Free Vulnerability
Project:Apple
Product:Multiple Products
Date Added:2025-01-29Due Date:2025-02-19
Vulnerability Name
Apple Multiple Products Use-After-Free Vulnerability
Description
Apple iOS, macOS, and other Apple products contain a user-after-free vulnerability that could allow a malicious application to elevate privileges.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://support.apple.com/en-us/122066
https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122071
https://support.apple.com/en-us/122072
https://support.apple.com/en-us/122073
https://nvd.nist.gov/vuln/detail/CVE-2025-24085
Related News Articles
Apple backports zero-day patches to older iPhones and MacsApril 1, 2025
Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS DevicesApril 1, 2025
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted AttacksMarch 12, 2025
Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 12, 2025
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency UpdateFebruary 11, 2025