Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users

Apple has released critical security updates to address a zero-day vulnerability actively exploited in attacks targeting iPhone users. The flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media framework, which handles multimedia processing across Apple’s ecosystem. This vulnerability, with a CVSS score of 9.8, allows malicious applications to elevate privileges, posing significant […] The post Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users appeared first on Cyber Security News.

Jan 28, 2025 - 08:45

Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users

Apple has released critical security updates to address a zero-day vulnerability actively exploited in attacks targeting iPhone users.

The flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media framework, which handles multimedia processing across Apple’s ecosystem.

This vulnerability, with a CVSS score of 9.8, allows malicious applications to elevate privileges, posing significant risks to user devices.

Apple Zero-day Vulnerability Exploited

The Core Media framework is integral to Apple’s media processing pipeline, supporting high-level frameworks like AVFoundation. The vulnerability stems from improper memory management, enabling attackers to exploit the flaw for privilege escalation.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Apple acknowledged reports that this issue has been actively exploited against devices running versions of iOS prior to iOS 17.2.

The exploit affects a broad range of Apple devices, including:

iPhones: iPhone XS and later models.
iPads: iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later).
Macs: macOS Sequoia.
Apple Watches: Apple Watch Series 6 and later.
Apple TVs: Apple TV HD and Apple TV 4K (all models).

Reports suggest the vulnerability was exploited for over a year before detection. Attackers likely targeted high-profile individuals using malicious applications designed to manipulate multimedia files. The prolonged exploitation highlights the sophisticated nature of the attacks.

Security Updates Released

Apple has addressed the CVE-2025-24085 vulnerability by improving memory management in the Core Media framework.

The patches are available in the following updates:

iOS 18.3 and iPadOS 18.3
macOS Sequoia 15.3
watchOS 11.3
tvOS 18.3
visionOS 2.3

These updates also resolve additional vulnerabilities across system components, including five flaws in AirPlay reported by Uri Katz of Oligo Security, which could lead to denial-of-service (DoS) attacks or arbitrary code execution.

Apple strongly advises all users to update their devices immediately to mitigate risks associated with this zero-day vulnerability.

CVE-2025-24085 marks Apple’s first zero-day patch of 2025, underscoring the persistent threat posed by advanced cyberattacks.

Last year, Apple addressed six zero-day vulnerabilities, while in 2023, it patched an alarming total of 20 such flaws.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

The post Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users appeared first on Cyber Security News.