CVE-2025-24178
CRITICALDescription
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to break out of its sandbox.
Is your site exposed to CVE-2025-24178?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| apple | ipados |
| apple | ipados |
| apple | iphone_os |
| apple | macos |
| apple | macos |
| apple | macos |
| apple | tvos |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2025-24178? +
How severe is CVE-2025-24178? +
What products are affected by CVE-2025-24178? +
How do I check if I'm vulnerable to CVE-2025-24178? +
Related Vulnerabilities
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may …
This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app …
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer …
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, …
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS …
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, …