Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 3, 2025

High
CISA KEV

CVE-2025-24201

AppleMultiple Products

Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Required Action

https://support.apple.com/en-us/122281 ; https://support.apple.com/en-us/122283 ; https://support.apple.com/en-us/122284 ; https://support.apple.com/en-us/122285 ; ; https://nvd.nist.gov/vuln/detail/CVE-2025-24201

Vulnerability Overview

Severity
High
CISA KEV
Yes
Ransomware
Unknown
Published
Mar 13, 2025
KEV Added
Mar 13, 2025
Due Date
Apr 3, 2025
Related Articles
0

Vendor

Apple

Multiple Products