PT-2025-13887 · Apple · Visionos+5

Published

2025-03-31

Updated

2025-04-07

CVE-2025-24194

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions visionOS versions prior to 2.4 iOS versions prior to 18.4 iPadOS versions prior to 18.4 tvOS versions prior to 18.4 macOS Sequoia versions prior to 15.4

Description A logic issue was addressed with improved checks. Processing maliciously crafted web content may result in the disclosure of process memory.

Recommendations For visionOS versions prior to 2.4, update to visionOS 2.4. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For tvOS versions prior to 18.4, update to tvOS 18.4. For macOS Sequoia versions prior to 15.4, update to macOS Sequoia 15.4.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

BDU:2025-05574

CVE-2025-24194

Affected Products

Apple Macos

Ios

Ipados

Macos Sequoia

Tvos

Visionos

PT-2025-13887 · Apple · Visionos+5

CVE-2025-24194

Weakness Enumeration

Related Identifiers

Affected Products

References · 17