Device Management
Endpoint Detection & Response
Vulnerability Management
Kai
Liftoff
Prism
Migration Agent
Auto Apps
Passport
Compliance
Assignment Maps
Managed OS
Integrations
Mac
iPhone and iPad
Apple TV
Vision Pro
Financial Services
Technology
Artificial Intelligence
Marketing Agencies
Healthcare & Biotech
Startup
Growth
Enterprise
Resources Hub
Kandji Blog
Customer Stories
Mac Admins Community
Security Details
MDM Comparison Guide
Customer Support
Product Updates
Kandji Status
Customer Login
Register a Deal
Become a Partner
Partner Portal
About Kandji
News & Press
Careers
Contact
Why Kandji?
Threat Research Knowledge Base Vulnerabilities CVE-2025-24201
CVE-2025-24201
Description
CVE-2025-24201 is an out-of-bounds write vulnerability in WebKit, Apple's browser engine. Maliciously crafted web content could exploit this issue to break out of the Web Content sandbox, potentially leading to arbitrary code execution. Apple addressed this vulnerability by implementing improved checks to prevent unauthorized actions in the affected systems. According to Kandji's analysis, this vulnerability exemplifies the challenges posed by shared codebases across different platforms. The widespread use of WebKit means that a single vulnerability can have far-reaching implications beyond just Apple's ecosystem.
Impact
Exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected devices, leading to potential data breaches, unauthorized access, or further compromise of the system. Apple has acknowledged reports that this issue may have been exploited in extremely sophisticated attacks against specific targeted individuals on versions of iOS before iOS 17.2. The severity of this issue has been assessed as follows:
NIST assessment
CVSS v3.1 Base Score: 8.8 (High)
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HCISA-ADP assessment
CVSS v3.1 Base Score: 7.1 (High)
AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HHas been exploited in the wild
Yes
Operating systems impacted
- macOS Sequoia (prior to 15.3.2)
- iOS (prior to 18.3.2)
- iPadOS (prior to 18.3.2)
- visionOS (prior to 2.3.2)
- watchOS (prior to 11.4)
Additional resources
Apps impacted
- Safari (prior to 18.3.1)
Learn more about it
Kandji Blog: Exploring CVE-2025-24201
An analysis of CVE-2025-24201's implication on Chromium-based browsers
Read moreRelated
Exploitation of this vulnerability could lead to unauthorized access to sensitive location information by an application. The severity of this issue has been assessed as follows:
Exploitation of this vulnerability could lead to a denial-of-service condition by causing unexpected application termination. The severity of this issue has been assessed as follows:
Exploitation of this vulnerability could lead to unexpected application termination, potentially affecting the user experience. The severity of this issue has been assessed as follows:
Manage and secure your Apple devices at scale.
