VYPR
← All advisories
Medium severity5.5NVD Advisory· Published May 12, 2025· Updated Apr 2, 2026

CVE-2025-24111

CVE-2025-24111

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to cause unexpected system termination.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory corruption vulnerability in Apple operating systems could allow an app to cause unexpected system termination.

CVE-2025-24111 is a memory corruption vulnerability in multiple Apple operating systems due to improper state management. The issue arises from a flaw in how memory is handled, potentially leading to corruption.

Exploitation requires a malicious app running on the device; no special privileges or user interaction beyond launching the app are needed. The attack surface is local, as the app must be installed and executed on the target system.

Successful exploitation could result in unexpected system termination, causing a denial-of-service condition. This impact is limited to system availability, with no evidence of data compromise or privilege escalation.

Apple has addressed this vulnerability in iOS 18.3, iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, and watchOS 11.3. Users can obtain the fixes via the standard software update mechanism, as detailed in the respective security release notes [1][2][3][4].

References
  1. About the security content of macOS Sequoia 15.3 - Apple Support
  2. About the security content of macOS Ventura 13.7.5 - Apple Support
  3. About the security content of macOS Sonoma 14.7.5 - Apple Support
  4. About the security content of iOS 18.3 and iPadOS 18.3 - Apple Support

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

9
  • Apple Inc./Ipados2 versions
    cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*range: <17.7.7
    • (no CPE)range: >=18.3, 17.7.7
  • Apple Inc./Iphone Os
    cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <18.3
  • Apple Inc./macOS2 versions
    cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: <13.7.5
    • (no CPE)range: >=15.3, 14.7.5, 13.7.5
  • Apple Inc./tvOS
    cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
    Range: <18.3
  • Apple Inc./Visionos
    cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
    Range: <2.3
  • Apple Inc./watchOS
    cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
    Range: <11.3
  • Cisco Systems, Inc./Cisco iOSllm-fuzzy
    Range: >=18.3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.