⚠ Actively exploited
Added to CISA KEV on 2025-01-29. Federal agencies required to patch by 2025-02-19. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2025-24085Use After Free in Apple IOS AND Ipados

CWE-416Use After FreeCWE-276Incorrect Default Permissions21 documents8 sources
Severity
10.0CRITICALNVD
EPSS
14.8%
top 5.47%
CISA KEV
KEV
Added 2025-01-29
Due 2025-02-19
Exploit
PoC available
Public exploit / PoC exists
Affected products
7
Apple IOS AND IpadosApple IpadosApple Macos+4 more
Timeline
PublishedJan 27
KEV addedJan 29
KEV dueFeb 19
Latest updateDec 12
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages12 packages

CVEListV5apple/macos< 13.7.5+2
NVDapple/macos13.013.7.5+2
CVEListV5apple/ipados< 17.7.6
NVDapple/ipados18.018.3+1
CVEListV5apple/ios_and_ipados< 18.3

🔴Vulnerability Details

3
GHSA
GHSA-7h23-57pg-3hwc: A use after free issue was addressed with improved memory management2025-01-28
CVEList
CVE-2025-24085: A use after free issue was addressed with improved memory management2025-01-27
VulnCheck
Apple Multiple Products Use-After-Free Vulnerability2025

💥Exploits & PoCs

1
Exploit-DB
macOS LaunchDaemon iOS 17.2 - Privilege Escalation2025-06-05

📋Vendor Advisories

9
Apple
CVE-2025-24085: macOS Sonoma 14.7.52025-03-31
Apple
CVE-2025-24085: iPadOS 17.7.62025-03-31
Apple
CVE-2025-24085: macOS Ventura 13.7.52025-03-31
CISA
Apple Multiple Products Use-After-Free Vulnerability2025-01-29
Apple
CVE-2025-24085: tvOS 18.32025-01-27

🕵️Threat Intelligence

7
Bleepingcomputer
Apple fixes two zero-day flaws exploited in &#039;sophisticated&#039; attacks2025-12-12
Bleepingcomputer
Apple backports zero-day patches to older iPhones and iPads2025-09-16
Bleepingcomputer
Apple fixes new zero-day flaw exploited in targeted attacks2025-08-20
Bleepingcomputer
Apple patches security flaw exploited in Chrome zero-day attacks2025-07-30
Bleepingcomputer
Apple fixes two zero-days exploited in targeted iPhone attacks2025-04-16
CVE-2025-24085 — Use After Free in Apple IOS AND Ipados | cvebase