CVE-2025-24104

MEDIUM

Apple iPadOS < 17.7.4 - Symlink Following

Title source: rule

Description

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files.

Exploits (2)

nomisec WRITEUP 51 stars
by ifpdz · poc
https://github.com/ifpdz/CVE-2025-24104
nomisec WORKING POC 3 stars
by missaels235 · poc
https://github.com/missaels235/POC-CVE-2025-24104-Py

Scores

CVSS v3 5.5
EPSS 0.0342
EPSS Percentile 87.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-59
Status published
Products (4)
Apple/iOS and iPadOS < 18.3
apple/ipados < 17.7.4
Apple/iPadOS < 17.7.4
apple/iphone_os < 18.3
Published Jan 27, 2025
Tracked Since Feb 18, 2026