Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2025-24201 First vendor Publication 2025-03-11
Vendor Cve Last vendor Modification 2025-03-20

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Overall CVSS Score 8.8
Base Score 8.8 Environmental Score 8.8
impact SubScore 5.9 Temporal Score 8.8
Exploitabality Sub Score 2.8
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction Required
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 265
Os 9
Os 178
Os 37
Os 1
Os 2

Sources (Detail)

http://seclists.org/fulldisclosure/2025/Mar/2
http://seclists.org/fulldisclosure/2025/Mar/3
http://seclists.org/fulldisclosure/2025/Mar/4
http://seclists.org/fulldisclosure/2025/Mar/5
https://support.apple.com/en-us/122281
https://support.apple.com/en-us/122283
https://support.apple.com/en-us/122284
https://support.apple.com/en-us/122285
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
Date Informations
2025-03-20 17:20:44
  • Multiple Updates
2025-03-15 03:16:09
  • Multiple Updates
2025-03-15 03:16:01
  • Multiple Updates
2025-03-15 00:20:36
  • Multiple Updates
2025-03-14 09:20:34
  • Multiple Updates
2025-03-13 00:20:30
  • Multiple Updates
2025-03-12 00:20:30
  • Multiple Updates
2025-03-11 21:20:31
  • First insertion