PT-2025-13885 · Apple · Visionos+5

Published

2025-03-31

Updated

2025-04-07

CVE-2025-24192

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Safari versions prior to 18.4 visionOS versions prior to 2.4 iOS versions prior to 18.4 iPadOS versions prior to 18.4 macOS Sequoia versions prior to 15.4

Description A script imports issue was addressed with improved isolation. Visiting a website may leak sensitive data.

Recommendations For Safari versions prior to 18.4, update to Safari 18.4. For visionOS versions prior to 2.4, update to visionOS 2.4. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For macOS Sequoia versions prior to 15.4, update to macOS Sequoia 15.4.

Fix

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

BDU:2025-05543

CVE-2025-24192

Affected Products

Apple Macos

Safari

Ios

Ipados

Macos Sequoia

Visionos

PT-2025-13885 · Apple · Visionos+5

CVE-2025-24192

Weakness Enumeration

Related Identifiers

Affected Products

References · 16