Full Report
The zero-day impacts Apple’s framework that manages audio and video playback. The post Apple’s latest patch closes zero-day affecting wide swath of products appeared first on CyberScoop.
Analysis Summary
# Vulnerability: Zero-Day Use-After-Free in Apple Core Media Framework
## CVE Details
- CVE ID: CVE-2025-24085
- CVSS Score: N/A (CVSS score not disclosed by vendor at the time of reporting)
- CWE: Use-After-Free (Implied by technical detail)
## Affected Systems
- Products: iOS devices, iPadOS devices, macOS, Apple TV, Apple Vision Pro, Apple Watch
- Versions: Prior to iOS 18.3, iPadOS 18.3, macOS 15.3, watchOS 11.3 (Specific affected versions prior to patch noted as compatible with susceptible iOS devices, including iPhone XS and later, and numerous iPad models)
- Configurations: Any device running a vulnerable version of the affected operating systems.
## Vulnerability Description
A critical zero-day vulnerability exists within Apple's Core Media component, a framework central to audio and video playback across Apple products. The flaw is described as a **use-after-free** vulnerability. Successful exploitation could allow malicious applications to gain unauthorized access to system controls.
## Exploitation
- Status: **Exploited in the wild** against some affected versions of iOS.
- Complexity: Not explicitly stated, but implied to be of concern given active exploitation.
- Attack Vector: Not explicitly stated, but context suggests **Local** or **Adjacent** attack vector, potentially via malicious applications or specially crafted media content.
## Impact
- Confidentiality: Potential unauthorized access to system controls.
- Integrity: Potential unauthorized access to system controls.
- Availability: Not explicitly detailed, but misuse gaining system access could lead to instability or compromise.
## Remediation
### Patches
- **iOS:** Update to **iOS 18.3**
- **iPadOS:** Update to **iPadOS 18.3**
- **macOS:** Update to **macOS Sequoia 15.3**
- **watchOS:** Update to **watchOS 11.3**
### Workarounds
No specific workarounds were detailed in the provided summary beyond immediate patching. Users are strongly urged to apply the official updates.
## Detection
- Detection methods and tools were not specified in the context provided. Given the nature of the flaw (use-after-free in media processing), monitoring system process crashes related to media frameworks while isolating applications attempting unusual system access might be indicative.
- The vulnerability was initially identified through external research, including contributions from the Google Threat Analysis Group on related CoreAudio issues.
## References
- Vendor Advisory: support dot apple dot com/en-us/100100
- Related Vulnerabilities: Five additional security flaws in AirPlay were also patched, some involving arbitrary code execution.