The CVE-2025-24201 vulnerability, an out-of-bounds write issue, has recently been addressed by Apple with improved security checks in visionOS 2.3.2, iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, and Safari 18.3.1. The vulnerability allowed maliciously crafted web content to break out of the Web Content sandbox, a security boundary designed to keep web content from gaining unauthorized access to the operating system. This is considered a supplementary fix for the CVE-2025-24201 attack that was previously blocked in iOS 17.2. Apple is aware of a report that this issue may have been exploited in a highly sophisticated attack against specific targeted individuals running versions of iOS before 17.2.

This is an illustrative example of what the improved security checks could look like in practice (not Apple's actual WebKit code):

#include <stddef.h>
#include <stdio.h>

// .. some code ..
// Illustrative bounds check: reject invalid input up front, then verify the
// index against the block size before every access.
void checkMemoryBoundaries(void *memoryBlock, size_t memorySize) {
  if (memoryBlock == NULL || memorySize == 0) {
    return; // Abort function if input is invalid
  }

  unsigned char *bytes = (unsigned char *)memoryBlock;
  for (size_t i = 0; i < memorySize; ++i) {
    if (i >= memorySize) {
      // Defensive check: the loop condition already guarantees this cannot
      // happen, but the guard documents the invariant at the access site.
      printf("Memory index out of bounds!\n");
      break;
    }
    bytes[i] = 0; // .. continue with memory access, now known to be in bounds ..
  }
  // .. some code ..
}
// .. more code ..
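The check above only guards a single index. The more common source of out-of-bounds writes is a range write where `offset + len` is compared against the buffer size and the addition silently wraps. The following is an added example, not code from the page or from Apple's WebKit; `bounded_write` and `demo` are hypothetical helper names, and the 16-byte block and payload are constructed test data.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

// Write `len` bytes from `src` into `block` at `offset`, but only when the
// whole range [offset, offset + len) lies inside the `size`-byte block.
// Returns true on success, false when the write would go out of bounds.
bool bounded_write(unsigned char *block, size_t size,
                   size_t offset, const unsigned char *src, size_t len) {
  if (block == NULL || src == NULL) {
    return false;
  }
  // Check `offset` first so the subtraction below cannot wrap.
  if (offset > size) {
    return false;
  }
  // `len > size - offset` is the overflow-proof form of
  // `offset + len > size`: the sum can wrap on large inputs and slip past
  // a naive comparison, which is how many out-of-bounds writes begin.
  if (len > size - offset) {
    return false;
  }
  memcpy(block + offset, src, len);
  return true;
}

// Constructed self-check: a 16-byte block, writes that fit and writes that
// do not, including a length chosen so that offset + len wraps to zero.
int demo(void) {
  unsigned char block[16] = {0};
  const unsigned char payload[4] = {1, 2, 3, 4};
  int ok = 0;
  ok += bounded_write(block, sizeof block, 12, payload, 4) ? 1 : 0;          // exact fit
  ok += bounded_write(block, sizeof block, 13, payload, 4) ? 0 : 1;          // one byte over
  ok += bounded_write(block, sizeof block, 8, payload, SIZE_MAX - 7) ? 0 : 1; // sum wraps to 0
  ok += bounded_write(block, sizeof block, 16, payload, 0) ? 1 : 0;          // empty write at end
  return ok; // 4 when every case behaves as intended
}
```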

Original References

For more details about the CVE-2025-24201 vulnerability and how to apply the fixes, refer to the following resources:
- Apple's official announcement: https://support.apple.com/kb/HTxxxxx
- MITRE's CVE-2025-24201 entry: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2025-24201
- NVD's CVE-2025-24201 details: https://nvd.nist.gov/vuln/detail/CVE-2025-24201

Exploit Details

The CVE-2025-24201 vulnerability, if exploited, could allow an attacker to execute unauthorized actions through specially crafted web content which, when loaded by one of the affected platforms (visionOS, iOS, iPadOS, macOS, or Safari), corrupts memory at a specific location, resulting in an out-of-bounds write that could ultimately lead to escaping the Web Content sandbox. One scenario for such a sophisticated attack involves an attacker setting up a malicious website and luring a targeted individual to visit it, at which point the exploit could be triggered and the victim's device potentially compromised.

By addressing this issue and applying the improved security checks to the affected software, Apple has significantly reduced the risk of threat actors exploiting this vulnerability. Users are advised to update to the latest software versions to fully mitigate this issue, as well as to maintain other security measures to minimize the risks of potential cyber attacks.

Timeline

Published on: 03/11/2025 18:15:30 UTC
Last modified on: 03/12/2025 21:15:41 UTC