CVE-2025-24213

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-24213
This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/122404
https://support.apple.com/en-us/122405
https://support.apple.com/en-us/122716
https://support.apple.com/en-us/122719
https://support.apple.com/en-us/122720
https://support.apple.com/en-us/122721
https://support.apple.com/en-us/122722
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
History

13 May 2025, 17:15

Type Values Removed Values Added
CPE cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
First Time Apple iphone Os
Apple macos
Apple tvos
Apple ipados
Apple
Apple safari
References
  • {'url': 'https://support.apple.com/en-us/122371', 'source': 'product-security@apple.com'}
  • {'url': 'https://support.apple.com/en-us/122372', 'source': 'product-security@apple.com'}
  • {'url': 'https://support.apple.com/en-us/122373', 'source': 'product-security@apple.com'}
  • {'url': 'https://support.apple.com/en-us/122377', 'source': 'product-security@apple.com'}
  • {'url': 'https://support.apple.com/en-us/122379', 'source': 'product-security@apple.com'}
  • () https://support.apple.com/en-us/122404 -
  • () https://support.apple.com/en-us/122405 -
  • () https://support.apple.com/en-us/122716 -
  • () https://support.apple.com/en-us/122719 -
  • () https://support.apple.com/en-us/122720 -
  • () https://support.apple.com/en-us/122721 -
  • () https://support.apple.com/en-us/122722 -
Summary (en) This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A type confusion issue could lead to memory corruption. (en) This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.

03 Apr 2025, 18:15

Type Values Removed Values Added
Summary
  • (es) Este problema se solucionó mejorando la gestión de los flotantes. Este problema está corregido en tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 y iPadOS 18.4, y macOS Sequoia 15.4. Un problema de confusión de tipos podía provocar daños en la memoria.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CWE CWE-843

31 Mar 2025, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-31 23:15

Updated : 2025-05-13 17:15

NVD link : CVE-2025-24213

Mitre link : CVE-2025-24213

CVE.ORG link : CVE-2025-24213

JSON object : View

Products Affected

apple

  • macos
  • ipados
  • safari
  • tvos
  • iphone_os
CWE
CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')