VYPR
Medium severity 5.5 · NVD Advisory · Published Jan 27, 2025 · Updated Apr 2, 2026

CVE-2025-24161

Description

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Parsing a crafted file could cause unexpected app termination on multiple Apple platforms; local network attackers may trigger a memory corruption or denial-of-service.

CVE-2025-24161

This vulnerability involves a parsing flaw in Apple operating systems that could lead to an unexpected app termination when a specially crafted file is processed. The issue is present in iOS, iPadOS, macOS, tvOS, visionOS, and watchOS, and was addressed in updates released on January 27, 2025 [1][2][3][4].

Root Cause and Attack Vector

An input validation or type confusion issue exists in the file parsing logic. An attacker on the local network could deliver a malicious file to a vulnerable device. In some variants of the problem (referenced as related CVE-2025-24126 and CVE-2025-24137), the attacker may corrupt process memory [1][3]; another variant (CVE-2025-24179) involves a null pointer dereference leading to denial-of-service [4]. No authentication or special privileges are required beyond being able to present the file to the target system.

Impact

Successful exploitation results in an unexpected application termination (denial-of-service) or potential memory corruption. For macOS and iOS, a local network attacker could cause process memory corruption, which may be leveraged for further exploitation [1][3]. The impact is rated medium (CVSS 5.5) because the attacker must be on the local network and the effect is primarily denial-of-service.

Mitigation

Apple has released patches for all affected platforms: iOS 18.3, iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3 [1][2][3][4]. Users should apply the latest updates to protect their devices. There is no evidence of active exploitation at the time of disclosure.

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 9

References: 13
