Apple released a security update to address a zero-day vulnerability, tracked as CVE-2024-24085. The security updates addressed 33 vulnerabilities impacting multiple products such as macOS Sonoma, macOS Ventura, macOS Sequoia, Safari, iOS, and iPadOS.
CVE-2025-24085
The use after free vulnerability exists in the CoreMedia component of macOS Sequoia, iOS, and iPadOS. Successful exploitation of the vulnerability may allow a malicious application to elevate privileges. Apple addressed the vulnerability with improved memory management.
Apple mentioned in the advisory that the vulnerability is being actively exploited in attacks against versions of iOS before iOS 17.2.
CISA added the CVE-2025-24085 to the Known Exploited Vulnerabilities Catalog, acknowledging its active exploitation. CISA urged users to patch the vulnerability before February 19, 2025.
Affected Products and Versions
- iPhone XS and later
- iPad 7th generation and later
- iPad Air 3rd generation and later
- iPad mini 5th generation and later
- macOS Sequoia versions Prior to 15.3
- iPad Pro 11-inch 1st generation and later
- iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later
Mitigation
Apple released the following versions to patch the vulnerabilities:
- macOS Sequoia 15.3
- iOS 18.3 and iPadOS 18.3
For more information, please visit the Apple security advisories for Safari, macOS Sonoma, macOS Ventura, macOS Sequoia, iOS, and iPadOS.
Qualys Detection
Qualys customers can scan their devices with QIDs 610628, 382740, 382741, 382742, and 382743 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
https://support.apple.com/en-us/122066
https://support.apple.com/en-us/122068
