CVE-2025-24162

Exploited in the Wild

NIST CVSS Scores

CVSS v3.1 Base Score: 6.5 (Medium)

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA CVSS Scores

CVSS v3.1 Base Score: 6.5 (Medium)

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Operating Systems Impacted

macOS Sequoia (prior to 15.3)
iOS (prior to 18.3)
iPadOS (prior to 18.3)
visionOS (prior to 2.3)
watchOS (prior to 11.3)
tvOS (prior to 18.3)

Applications Impacted

Safari (prior to 18.3)

Additional Resources

NVD CVE-2025-24162
iOS 18.3 and iPadOS 18.3
macOS Sequoia 15.3
visionOS 2.3
watchOS 11.3
tvOS 18.3
Safari 18.3

Description

CVE-2025-24162 is a vulnerability in Apple's WebKit engine that could lead to an unexpected process crash when processing maliciously crafted web content. The issue was addressed by Apple through improved state management in the affected systems.

Impact

Exploitation of this vulnerability could lead to a denial-of-service condition by causing unexpected application termination. The severity of this issue has been assessed as follows:

Stay up to date

Iru's weekly collection of articles, videos, and research to keep IT & Security teams ahead of the curve.

Description

Impact

CVE-2024-54477

CVE-2025-24167

CVE-2025-24201

Stay up to date