CVE-2025-24213
Severity: HIGH
Safari < 18.5 - Type Confusion leading to Memory Corruption
Title source: llm
Description
This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption.
References (19)
Core References
Mailing List: http://seclists.org/fulldisclosure/2025/Apr/11
Mailing List: http://seclists.org/fulldisclosure/2025/Apr/13
Mailing List: http://seclists.org/fulldisclosure/2025/Apr/2
Mailing List: http://seclists.org/fulldisclosure/2025/Apr/4
Mailing List: http://seclists.org/fulldisclosure/2025/Apr/5
Mailing List: http://seclists.org/fulldisclosure/2025/Apr/8
Mailing List: http://seclists.org/fulldisclosure/2025/May/10
Mailing List: http://seclists.org/fulldisclosure/2025/May/11
Mailing List: http://seclists.org/fulldisclosure/2025/May/13
Mailing List: http://seclists.org/fulldisclosure/2025/May/6
Mailing List: http://seclists.org/fulldisclosure/2025/May/7
Vendor Advisory: https://support.apple.com/en-us/122404
Vendor Advisory: https://support.apple.com/en-us/122405
Vendor Advisory: https://support.apple.com/en-us/122716
Vendor Advisory: https://support.apple.com/en-us/122719
Vendor Advisory: https://support.apple.com/en-us/122720
Vendor Advisory: https://support.apple.com/en-us/122721
Vendor Advisory: https://support.apple.com/en-us/122722
Scores
CVSS v3: 7.8
EPSS: 0.0039
EPSS Percentile: 30.3%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-843
Status: published
Products (12)
Apple/iOS and iPadOS: < 18.5
apple/ipados: < 17.7.6
Apple/iPadOS: < 17.7.7
apple/iphone_os: < 18.4
Apple/macOS: < 15.5
apple/macos: 15.0 - 15.4
apple/safari: < 18.4
Apple/Safari: < 18.5
apple/tvos: < 18.4
Apple/tvOS: < 18.5
... and 2 more
Published: Mar 31, 2025
Tracked Since: Feb 18, 2026