Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users

Apple has released critical security updates to address a zero-day vulnerability actively exploited in attacks targeting iPhone users.  The flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media framework, which handles multimedia processing across Apple’s ecosystem.  This vulnerability, with a CVSS score of 9.8, allows malicious applications to elevate privileges, posing significant […] The post Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users appeared first on Cyber Security News.

Jan 28, 2025 - 08:45
 0
Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users

Apple has released critical security updates to address a zero-day vulnerability actively exploited in attacks targeting iPhone users. 

The flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media framework, which handles multimedia processing across Apple’s ecosystem. 

This vulnerability, with a CVSS score of 9.8, allows malicious applications to elevate privileges, posing significant risks to user devices.

Apple Zero-day Vulnerability Exploited

The Core Media framework is integral to Apple’s media processing pipeline, supporting high-level frameworks like AVFoundation. The vulnerability stems from improper memory management, enabling attackers to exploit the flaw for privilege escalation.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Apple acknowledged reports that this issue has been actively exploited against devices running versions of iOS prior to iOS 17.2.

The exploit affects a broad range of Apple devices, including:

  • iPhones: iPhone XS and later models.
  • iPads: iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later).
  • Macs: macOS Sequoia.
  • Apple Watches: Apple Watch Series 6 and later.
  • Apple TVs: Apple TV HD and Apple TV 4K (all models).

Reports suggest the vulnerability was exploited for over a year before detection. Attackers likely targeted high-profile individuals using malicious applications designed to manipulate multimedia files. The prolonged exploitation highlights the sophisticated nature of the attacks.

Security Updates Released

Apple has addressed the CVE-2025-24085 vulnerability by improving memory management in the Core Media framework. 

The patches are available in the following updates:

  • iOS 18.3 and iPadOS 18.3
  • macOS Sequoia 15.3
  • watchOS 11.3
  • tvOS 18.3
  • visionOS 2.3

These updates also resolve additional vulnerabilities across system components, including five flaws in AirPlay reported by Uri Katz of Oligo Security, which could lead to denial-of-service (DoS) attacks or arbitrary code execution.

Apple strongly advises all users to update their devices immediately to mitigate risks associated with this zero-day vulnerability. 

CVE-2025-24085 marks Apple’s first zero-day patch of 2025, underscoring the persistent threat posed by advanced cyberattacks. 

Last year, Apple addressed six zero-day vulnerabilities, while in 2023, it patched an alarming total of 20 such flaws.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

The post Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users appeared first on Cyber Security News.