Full Report
The vulnerability allowed malicious code running inside the Web Content sandbox, an isolated environment for web processes designed to limit security risks, to impact other parts of the device.
Analysis Summary
# Vulnerability: WebKit Sandbox Escape in Safari (Supplemental Patch)
## CVE Details
- CVE ID: [CVE-2025-24201]
- CVSS Score: Information not provided, inherent severity High given sandbox escape context.
- CWE: Sandbox Escape (Inferred)
## Affected Systems
- Products: iOS, iPadOS, macOS, visionOS, Safari
- Versions: Versions prior to iOS 17.2, and previous versions of devices that received the initial patch but required a supplemental fix in iOS 18.3.2. Specific vulnerable versions before the latest patch are not exhaustively listed, but the update applies to systems needing the supplemental fix.
- Configurations: Devices utilizing the WebKit rendering engine.
## Vulnerability Description
The vulnerability resides in WebKit, the browser engine backing Safari. It allowed malicious web content to escape the isolated **Web Content sandbox**. A successful sandbox escape grants an attacker the ability to access and impact other parts of the operating system that should normally be protected by the sandbox environment. This vulnerability was initially addressed in iOS 17.2 but required a supplemental patch due to the sophistication of attacks observed.
## Exploitation
- Status: Mentioned that an "extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2" may have occurred recently. This implies potential targeted exploitation before the initial fix, and the need for a supplemental patch suggests the initial fix might have been incomplete or bypassed.
- Complexity: High (Implied by the need for a "sophisticated attack" targeting specific individuals).
- Attack Vector: Network (via web content).
## Impact
- Confidentiality: High (Sandbox escape allows access to other parts of the OS).
- Integrity: High (Potential for unauthorized actions impacting system state).
- Availability: Moderate/High (Depending on the extent of OS compromise).
## Remediation
### Patches
The vulnerability has been addressed with improved checks to prevent unauthorized actions.
- **iOS 18.3.2**
- **iPadOS 18.3.2**
- **macOS Sequoia 15.3.2**
- **visionOS 2.3.2**
- **Safari 18.3.1**
### Workarounds
No specific workarounds were detailed, as immediate patching is strongly recommended due to the nature of the flaw and reported targeted attacks.
## Detection
- Detection methods and tools were not specified in the provided excerpt.
## References
- Vendor Advisory (iOS 18.3.2 Release Notes): hxxps://support.apple.com/en-us/122281
- Original Patch Reference: Related to updates released around iOS 17.2 timing (late 2023).