A use-after-free flaw in Apple’s Core Media framework has enabled privilege escalation across several iOS devices. This vulnerability allows malicious applications to potentially elevate system privileges, though Apple hasn’t confirmed its real-world exploitation. The company has provided a tracker, CVE-2025-24085, pending further evaluation of the flaw’s severity.
Apple issued security updates for iOS 18.3 and later versions, iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3 to address this issue. Core Media handles low-level media operations and interacts with sensitive system resources, making it a critical component of Apple’s devices.
The flaw represents the first zero-day exploit in 2025, following significant exploits in 2024 that bypassed kernel memory protection. Apple previously patched six zero-day issues in 2024 but dropped 18 from its 2023 tally after encountering exploited vulnerabilities tied to nation-state actors.
In addition to fixing the Core Media flaw, the security update addressed other system termination, denial-of-service, and code-execution vulnerabilities. Four of these were linked to researcher Uri Katz of Oligo Security, while others involved Google’s Threat Analysis Group (TAG).
Source: https://www.csoonline.com/article/3811322/iphone-users-targeted-in-apples-first-zero-day-exploit-in-2025.html