CVE-2025-24201
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2025-24201 is an out-of-bounds write vulnerability that Apple has addressed by implementing enhanced checks to prevent unauthorized actions. This issue can potentially allow maliciously crafted web content to break out of the Web Content sandbox. Impacted software includes visionOS 2.3.2, iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, and Safari 18.3.1. This is a supplementary fix for an exploit that was previously blocked in iOS 17.2. Apple has acknowledged reports indicating that this vulnerability may have been exploited in highly sophisticated attacks against specific individuals using older versions of iOS.