Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks
Summary:
Yesterday, Apple released security updates to address several vulnerabilities impacting a range of products, including macOS, iPadOS, iOS, and more. Notably, three of the flaws, tracked as CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085, were exploited as zero-days in attacks in the wild:
- CVE-2025-24200: authorization flaw that can be exploited in a physical attack to disable USB Restricted Mode on a locked device. Apple says that it is aware of a report where the issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- CVE-2025-24201: out-of-bounds write issue where maliciously crafted web content could escape the Web Content sandbox. Note: Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.
- CVE-2025-24085: use-after-free issue where a malicious application may be able to elevate privileges. Note: Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
As with previous zero-day vulnerabilities targeting Apple devices, the company has not shared extensive details about the exploitation of these flaws, beyond the brief information provided above. However, similar flaws have historically been used in sophisticated spyware attacks, as documented by Citizen Lab, where zero-day exploits were leveraged to install surveillance software on the devices of government officials, journalists, and activists to steal sensitive information and track movements. The latest vulnerabilities—enabling unauthorized device access, privilege escalation, and data theft—could have severe implications if not patched. These flaws, if exploited, could allow malicious actors to bypass security protections, potentially leading to targeted espionage, data breaches, and privacy violations.
Suggested Corrections:
Apple has released patches for all three vulnerabilities across its operating systems and devices:
- iPhones and iPads: Update to iOS 18.3/iPadOS 18.3 or later.
- Macs: Install macOS Sequoia 15.3 or later.
- Apple Watches: Use watchOS 11.3 or newer.
- Apple TVs: Update to tvOS 18.3.
- Apple Vision Pro: Apply visionOS 2.3 updates.
Link(s):
https://cybersecuritynews.com/apple-warns-of-three-0-day-vulnerabilities/