First published: Mon Jan 27 2025(Updated: )
Accessibility. An authentication issue was addressed with improved state management.
Credit: Abhay Kailasia @abhay_kailasia CUri Katz (Oligo Security) Minghao Lin @Y1nKoc Zhejiang Universitybabywu Zhejiang University Zhejiang UniversityXingwei Lin Zhejiang UniversityGoogle Threat Analysis Group Desmond Trend Micro Zero Day InitiativePwn2car & Rotiple (HyeongSeok Jang) Trend Micro Zero Day InitiativeCVE-2025-24085 DongJun Kim @smlijun JongSeong Kim in Enki WhiteHat @nevul37 D4m0n an anonymous researcher pattern-f @pattern_F_ Michael (Biscuit) Thomas @social.lol) @biscuit Hichem Maloufi Hakim Boukhadra mastersplinter @RenwaX23 Michael DePlante @izobashi Trend Micro Zero Day InitiativeKirin @Pwnrin Q1IQ @q1iqF NUS CuriOSityP1umer @p1umer Imperial Global Singaporelinjy HKUS3Labchluo WHUSecLabJohan Carlsson (joaxcar) product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS, iPadOS, and watchOS | <18.3 | |
Apple iOS, iPadOS, and watchOS | <18.3 | |
Apple iOS, iPadOS, and watchOS | <18.3 | 18.3 |
Apple iOS, iPadOS, and watchOS | <18.3 | 18.3 |
Apple iOS, iPadOS, and watchOS | <18.3 | |
iOS | <18.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2025-24141 is considered a high severity vulnerability due to its potential to allow unauthorized access to sensitive data on unlocked devices.
To fix CVE-2025-24141, update your device to iOS 18.3 or iPadOS 18.3.
CVE-2025-24141 is an authentication issue related to state management.
CVE-2025-24141 affects users of Apple iOS and iPadOS versions prior to 18.3.
CVE-2025-24141 impacts devices running Apple iOS and iPadOS versions before 18.3.