PT-2025-5297 · Apple · visionOS +9

Desmond · Published 2025-01-27 · Updated 2025-05-01 · CVE-2025-24123

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

iPadOS versions 17.7.4 and earlier
macOS Ventura versions 13.7.3 and earlier
macOS Sonoma versions 14.7.3 and earlier
visionOS versions 2.3 and earlier
iOS versions 18.3 and earlier
iPadOS versions 18.3 and earlier
macOS Sequoia versions 15.3 and earlier
watchOS versions 11.3 and earlier
tvOS versions 18.3 and earlier

Description

The issue is in the CoreMedia component of the macOS, iPadOS, visionOS, iOS, watchOS, and tvOS operating systems and involves unlimited resource allocation. Parsing a file may lead to an unexpected app termination. Exploitation of the issue may allow a remote attacker to cause a denial of service.

Recommendations

For iPadOS versions 17.7.4 and earlier, update to iPadOS 17.7.4 or later.
For macOS Ventura versions 13.7.3 and earlier, update to macOS Ventura 13.7.3 or later.
For macOS Sonoma versions 14.7.3 and earlier, update to macOS Sonoma 14.7.3 or later.
For visionOS versions 2.3 and earlier, update to visionOS 2.3 or later.
For iOS versions 18.3 and earlier, update to iOS 18.3 or later.
For iPadOS versions 18.3 and earlier, update to iPadOS 18.3 or later.
For macOS Sequoia versions 15.3 and earlier, update to macOS Sequoia 15.3 or later.
For watchOS versions 11.3 and earlier, update to watchOS 11.3 or later.
For tvOS versions 18.3 and earlier, update to tvOS 18.3 or later.

Fix

DoS

RCE

Weakness Enumeration

Allocation of Resources Without Limits

Related Identifiers

BDU:2025-01506
CVE-2025-24123
ZDI-25-168

Affected Products

CoreMedia
Apple macOS
iOS
iPadOS
macOS Sequoia
macOS Sonoma
macOS Ventura
tvOS
visionOS
watchOS