CVE-2025-24163

MEDIUM

iPadOS < 17.7.4 - Denial of Service via File Parsing

Title source: llm
STIX 2.1

Description

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sequoia 15.4, macOS Sonoma 14.7.3, tvOS 18.3, tvOS 18.4, visionOS 2.3, visionOS 2.4, watchOS 11.3, watchOS 11.4. Parsing a file may lead to an unexpected app termination.

References (22)

Core 22
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122066
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122067
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122068
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122069
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122071
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122072
Release Notes, Vendor Advisory
https://support.apple.com/en-us/122073

Scores

CVSS v3 5.5
EPSS 0.0003
EPSS Percentile 8.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

Status published
Products (18)
Apple/iOS and iPadOS < 18.3
Apple/iOS and iPadOS < 18.4
apple/ipados < 17.7.4
Apple/iPadOS < 17.7.4
apple/iphone_os < 18.3
apple/macos < 14.7.3
Apple/macOS < 14.7.3
Apple/macOS < 15.3
Apple/macOS < 15.4
apple/tvos < 18.3
... and 8 more
Published Jan 27, 2025
Tracked Since Feb 18, 2026