Home > Vulnerability Database > CVE-2025-24201

Mend.io Vulnerability Database

CVE-2025-24201

Good to know:

Date: March 11, 2025

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).

Severity Score

7.1

Related Resources (16)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-24201

Url: http://seclists.org/fulldisclosure/2025/Mar/2

Url: https://support.apple.com/en-us/122376

Url: https://support.apple.com/en-us/122283

Url: http://seclists.org/fulldisclosure/2025/Mar/4

Url: http://seclists.org/fulldisclosure/2025/Mar/3

Url: https://support.apple.com/en-us/122285

Url: https://support.apple.com/en-us/122284

Url: http://seclists.org/fulldisclosure/2025/Mar/5

Url: https://support.apple.com/en-us/122372

Url: https://support.apple.com/en-us/122281

Url: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24201

Url: https://support.apple.com/en-us/122346

Url: https://support.apple.com/en-us/122345

Url: http://seclists.org/fulldisclosure/2025/Apr/16

Url: https://www.mend.io/vulnerability-database/CVE-2025-24201

Severity Score

7.1

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

Top Fix

Upgrade Version

Upgrade to version https://github.com/WebKit/WebKit.git - webkitgtk-2.48.0;https://github.com/WebKit/WebKit.git - wpewebkit-2.46.7

Learn More

CVSS v3.1

Base Score:	7.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-24201

Good to know:

Date: March 11, 2025

Severity Score

Related Resources (16)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?