Apple Patches Actively Exploited Zero-Day Affecting smartphones, Macs, and More

Jan 28, 2025Ravie LakshmananVulnerability / Endpoint Security

Apple has software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild.

The vulnerability, tracked as CVE-2025-24085 (CVSS scores: 7.3/7.8), has been described as a use-after-free bug in the component that could permit a malicious application already installed on a device to elevate privileges.

“Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2,” the company said in a terse advisory.

The issue has been addressed with improved memory management in the following devices and operating system versions –

  • – iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • – Macs running macOS Sequoia
  • – Apple TV HD and Apple TV 4K (all models)
  • – Apple Vision Pro
  • – Apple Watch Series 6 and later

As is typically the case, there are currently no details on how the vulnerability may have been exploited in real-world attacks, by whom, and who may have been targeted. Apple has yet to attribute the discovery of the shortcoming to a security researcher, although it’s possible that it was internally flagged by its own security teams.

The updates also address five security flaws in AirPlay, all reported by Oligo Security researcher Uri Katz, that could be exploited by an attacker to cause unexpected system termination, denial-of-service (DoS), or arbitrary code execution under certain conditions.

Google’s Threat Analysis Group (TAG) has been credited with discovering and reporting three vulnerabilities in the CoreAudio component (CVE-2025-24160, CVE-2025-24161, and CVE-2025-24163) that may lead to an unexpected app termination when parsing a specially crafted file.

With CVE-2025-24085 tagged as actively exploited, users of Apple devices are recommended to apply the patches to safeguard against potential threats.

Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday CVE-2025-24085 to the Known Exploited Vulnerabilities () catalog, based on evidence of active exploitation, requiring federal agencies to apply the necessary fixes by February 19, 2025.

Found this article interesting? Follow us on and to read more exclusive content we post.

DNS checker

Leave a Comment