Apple Patches Actively Exploited Zero-Day Affecting handsets, Macs, and More

Jan 28, 2025Ravie LakshmananVulnerability / Endpoint Security

Apple has updated its program to handle a number of security flaws in its profile, including a zero-day risk that it claims has been exploited in the wild.

The vulnerability, tracked as CVE-2025-24085 ( CVSS scores: 7.3/7.8 ), has been described as a use-after-free bug in the component that could permit a malicious application already installed on a device to elevate privileges.

Apple has been informed in a terse expert that this problem may have been positively exploited against iOS versions prior to iOS 17.2.

Improved storage control has been implemented in the following equipment and operating system versions to address the problem:

    iOS 18.3 and iPadOS 18.3- iPhone XS and afterwards, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and afterwards, iPad Pro 11-inch 1st generation and afterwards, iPad Air 3rd generation and later, iPad 7th generation and afterwards, and iPad mini 5th generation and later

  • mac Sequoia 15.3- Macs running mac Sequoia
  • – Apple TV HD and Apple TV 4K ( all types )
  • – Apple Vision Pro
  • os 11.3- Apple Watch Series 6 and afterward

As is typically the case, there are now no information on how the risk may have been exploited in real-world problems, by whom, and who may have been targeted. Although it’s possible that Apple’s individual surveillance teams privately flagged the flaw, it hasn’t yet been identified as the cause of the finding.

The changes also address five security flaws in AirPlay, all reported by Oligo Security scientist Uri Katz, that could be exploited by an intruder to trigger sudden program termination, denial-of-service ( DoS), or arbitrary code execution under certain circumstances.

Google’s Threat Analysis Group ( TAG ) has been credited with discovering and reporting three vulnerabilities in the CoreAudio component ( CVE-2025-24160, CVE-2025-24161, and CVE-2025-24163 ) that may lead to an unexpected app termination when parsing a specially crafted file.

With CVE-2025-24085 tagged as earnestly exploited, customers of Apple products are recommended to use the patches to protect against possible threats.

Update

The U. S. Cybersecurity and Infrastructure Security Agency ( CISA ) on Wednesday CVE-2025-24085 to the Known Exploited Vulnerabilities ( ) catalog, based on evidence of active exploitation, requiring federal agencies to apply the necessary fixes by February 19, 2025.

Found this post exciting? To read more unique information we post, follow us on and Twitter.

Leave a Comment