PT-2025-20746 · Apple+7 · Visionos+14

Rheza

·

Published

2023-07-18

·

Updated

2025-11-25

·

CVE-2025-24223

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions watchOS versions prior to 11.5 tvOS versions prior to 18.5 iOS versions prior to 18.5 iPadOS versions prior to 18.5 macOS Sequoia versions prior to 15.5 visionOS versions prior to 2.5 Safari versions prior to 18.5
Description The issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to memory corruption.
Recommendations For watchOS versions prior to 11.5, update to watchOS 11.5. For tvOS versions prior to 18.5, update to tvOS 18.5. For iOS versions prior to 18.5, update to iOS 18.5. For iPadOS versions prior to 18.5, update to iPadOS 18.5. For macOS Sequoia versions prior to 15.5, update to macOS Sequoia 15.5. For visionOS versions prior to 2.5, update to visionOS 2.5. For Safari versions prior to 18.5, update to Safari 18.5.

Exploit

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

BDU:2025-11987
CESA-2023_4202
CVE-2025-24223
DLA-4218-1
DSA-5937-1
MGASA-2025-0313
OPENSUSE-SU-2025_01724-1
OPENSUSE-SU-2025_01746-1
RHSA-2023:4201
RHSA-2023:4202
RHSA-2023_4201
RHSA-2023_4202
RHSA-2024:8496
RHSA-2024:9653
RHSA-2024:9679
RHSA-2024:9680
RHSA-2025:10364
SUSE-SU-2025:01720-1
SUSE-SU-2025:01724-1
SUSE-SU-2025:01746-1
SUSE-SU-2025:02033-1
SUSE-SU-2025_01720-1
SUSE-SU-2025_01724-1
SUSE-SU-2025_01746-1
SUSE-SU-2025_02033-1
USN-7566-1

Affected Products

Astra Linux
Centos
Debian
Linuxmint
Apple Macos
Red Hat
Safari
Suse
Ubuntu
Ios
Ipados
Macos Sequoia
Tvos
Visionos
Watchos