Multiple vulnerabilities in Apple iPadOS 17
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 20 |
| CVE-ID | CVE-2025-24118 CVE-2025-24149 CVE-2024-54497 CVE-2025-24104 CVE-2025-24166 CVE-2025-24117 CVE-2025-24159 CVE-2025-24086 CVE-2025-24137 CVE-2025-24102 CVE-2025-24124 CVE-2025-24123 CVE-2025-24163 CVE-2025-24160 CVE-2025-24161 CVE-2025-24127 CVE-2024-54478 CVE-2025-24184 CVE-2024-55549 CVE-2025-24855 |
| CWE-ID | CWE-119 CWE-125 CWE-20 CWE-61 CWE-200 CWE-264 CWE-843 CWE-284 CWE-787 CWE-416 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
iPadOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 20 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU103371
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2025-24118
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Out-of-bounds read
EUVDB-ID: #VU103356
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24149
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in SceneKit. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU103394
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54497
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in QuartzCore. A remote attacker can trick the victim into visiting a specially crafted website and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) UNIX symbolic link following
EUVDB-ID: #VU103348
Risk: Low
CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24104
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue in Managed Configuration when restoring data from a specially crafted backup file. A local user can overwrite protected filesystem files and escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU103347
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24166
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in libxslt. A remote attacker can trick the victim into visiting a specially crafted website and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU103346
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24117
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in LaunchServices. A local application can fingerprint the user.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU103345
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24159
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions within the OS kernel. A local application can execute arbitrary code with kernel privileges. MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU103343
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24086
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in ImageIO. A remote attacker can trick the victim into opening a specially crafted file, trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Type Confusion
EUVDB-ID: #VU103336
Risk: High
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24137
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in AirPlay. A remote attacker can send specially crafted packets to the device, trigger a type confusion error and execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper access control
EUVDB-ID: #VU103367
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24102
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in CoreRoutine. A local application can determine a user’s current location.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds write
EUVDB-ID: #VU103342
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24124
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted MOV file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds read
EUVDB-ID: #VU103341
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24123
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted MOV file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU103340
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24163
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Input validation error
EUVDB-ID: #VU103338
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24160
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Input validation error
EUVDB-ID: #VU103339
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24161
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Input validation error
EUVDB-ID: #VU103337
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24127
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in ARKit. A remote attacker can trick the victim into opening a specially crafted file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Out-of-bounds read
EUVDB-ID: #VU103396
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54478
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in ICU. A remote attacker can trick the victim into visiting a specially crafted website, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Buffer overflow
EUVDB-ID: #VU109441
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24184
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in CoreMedia Playback. A local application can trigger memory corruption and crash the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Use-after-free
EUVDB-ID: #VU105879
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-55549
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in xsltGetInheritedNsList. A remote attacker can pass specially crafted input to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Use-after-free
EUVDB-ID: #VU105946
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24855
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in numbers.c when handling nested XPath evaluations. A remote attacker can pass specially crafted XML input to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.7.3
CPE2.3- cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2:21C62:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.2.1:21C66:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3:21D50:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.3.1:21D61:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4:21E217:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.4.1:21E236:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5:21F79:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.5.1:21F90:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:17.7.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/122067
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
