VAR-202501-3666
Vulnerability from variot - Updated: 2025-11-18 15:32A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2. iPadOS , iOS , macOS Multiple Apple products contain a freed memory usage vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. VisionOS is an AR glasses system released by Apple at the 2023 Apple Worldwide Developers Conference on June 6, 2023. Apple Vision Pro will be equipped with this system for the first time. tvOS is a TV operating system developed by Apple based on iOS. watchOS is a watch operating system developed by Apple based on iOS for use on Apple Watch. iPadOS is a mobile operating system developed by Apple for iPad devices. It is developed based on iOS and is optimized specifically for iPad. macOS is an operating system developed by Apple that runs on Macintosh computers.
Many Apple products have a memory release and reuse vulnerability, which attackers can exploit to elevate privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202501-3666",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipados",
"scope": "lt",
"trust": 1.6,
"vendor": "apple",
"version": "18.3"
},
{
"model": "visionos",
"scope": "lt",
"trust": 1.6,
"vendor": "apple",
"version": "2.3"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.6,
"vendor": "apple",
"version": "11.3"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.6,
"vendor": "apple",
"version": "18.3"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "18.3"
},
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "17.7.6"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "15.0"
},
{
"model": "ipados",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "18.0"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "14.0"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.7.5"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.3"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "13.7.5"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": "11.3"
},
{
"model": "ipados",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "ios",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "tvos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "visionos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "macos sequoia",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "15.3"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "18.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"cve": "CVE-2025-24085",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2025-07885",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2025-24085",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2025-24085",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2025-24085",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-24085",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2025-24085",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-07885",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2. iPadOS , iOS , macOS Multiple Apple products contain a freed memory usage vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. VisionOS is an AR glasses system released by Apple at the 2023 Apple Worldwide Developers Conference on June 6, 2023. Apple Vision Pro will be equipped with this system for the first time. tvOS is a TV operating system developed by Apple based on iOS. watchOS is a watch operating system developed by Apple based on iOS for use on Apple Watch. iPadOS\u200c is a mobile operating system developed by Apple for iPad devices. It is developed based on iOS and is optimized specifically for iPad. macOS is an operating system developed by Apple that runs on Macintosh computers. \u200c\n\nMany Apple products have a memory release and reuse vulnerability, which attackers can exploit to elevate privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-24085"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "CNVD",
"id": "CNVD-2025-07885"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-24085",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-07885",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"id": "VAR-202501-3666",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
}
]
},
"last_update_date": "2025-11-18T15:32:29.937000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "122072 Apple\u00a0 Security update",
"trust": 0.8,
"url": "https://support.apple.com/en-us/122066"
},
{
"title": "Patch for Memory free-and-reuse vulnerability in multiple Apple products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/682241"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.0
},
{
"problemtype": "Use of freed memory (CWE-416) [ others ]",
"trust": 0.8
},
{
"problemtype": " Use of freed memory (CWE-416) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://support.apple.com/en-us/122066"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/apr/9"
},
{
"trust": 1.0,
"url": "https://github.com/jgoyd/glass-cage-ios18-cve-2025-24085-cve-2025-24201"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/oct/30"
},
{
"trust": 1.0,
"url": "https://support.apple.com/en-us/122068"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jan/12"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/oct/31"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/apr/5"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/oct/1"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jan/15"
},
{
"trust": 1.0,
"url": "https://support.apple.com/en-us/122073"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2025-24085"
},
{
"trust": 1.0,
"url": "https://support.apple.com/en-us/122072"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jun/19"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jan/13"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jan/19"
},
{
"trust": 1.0,
"url": "https://support.apple.com/en-us/122071"
},
{
"trust": 1.0,
"url": "https://github.com/cisagov/vulnrichment/issues/194"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/apr/10"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/oct/23"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-24085"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-04-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"date": "2025-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"date": "2025-01-27T22:15:14.990000",
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-04-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-07885"
},
{
"date": "2025-01-30T03:01:00",
"db": "JVNDB",
"id": "JVNDB-2025-001242"
},
{
"date": "2025-11-14T13:52:51.027000",
"db": "NVD",
"id": "CVE-2025-24085"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Freed memory usage vulnerability in multiple Apple products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-001242"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…