Login Sign Up

CVE-2025-24188

6.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes a logic flaw in Safari that could be exploited by malicious web content to cause unexpected crashes. The vulnerability affects Safari users on macOS, potentially leading to denial of service. Apple has addressed this issue in Safari 18.6 and macOS Sequoia 15.6.

💻 Affected Systems

Products:
  • Safari
Versions: Versions prior to Safari 18.6
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Safari on macOS systems; the vulnerability is present in default configurations.

📦 What is this software?

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Safari by Apple

View all CVEs affecting Safari →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could craft a malicious webpage that crashes Safari when visited, causing denial of service and potential loss of unsaved work.

🟠

Likely Case

Most exploitation would result in Safari crashing when visiting malicious websites, requiring users to restart the browser.

🟢

If Mitigated

With proper patching, the vulnerability is eliminated and Safari functions normally even when processing previously malicious content.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (visiting a malicious website) but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Safari 18.6, macOS Sequoia 15.6

Vendor Advisory: https://support.apple.com/en-us/124149

Restart Required: Yes

Instructions:

1. Open System Settings on macOS. 2. Go to General > Software Update. 3. Install any available updates for macOS and Safari. 4. Restart your computer if prompted.

🔧 Temporary Workarounds

Use alternative browser

all

Temporarily switch to a different web browser until Safari is patched.

Disable JavaScript

all

Disable JavaScript in Safari settings to potentially mitigate exploitation, though this will break many websites.

🧯 If You Can't Patch

  • Implement web filtering to block known malicious domains
  • Educate users to avoid suspicious websites and links

🔍 How to Verify

Check if Vulnerable:

Check Safari version: Open Safari > Safari menu > About Safari. If version is below 18.6, the system is vulnerable.

Check Version:

safari_version=$(defaults read /Applications/Safari.app/Contents/Info.plist CFBundleShortVersionString); echo $safari_version

Verify Fix Applied:

Verify Safari version is 18.6 or higher and macOS version is 15.6 or higher.

📡 Detection & Monitoring

Log Indicators:

  • Safari crash logs in Console.app
  • Unexpected Safari termination events

Network Indicators:

  • Traffic to known malicious domains hosting exploit code

SIEM Query:

source="*safari*" AND (event="crash" OR event="terminated")

📊 Metadata

CVE ID: CVE-2025-24188
CVSS v3 Score: 6.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE: CWE-703
EPSS Score: 0.07% exploit probability (20.4th percentile)
Published: July 30, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-24188, you might also want to check these:

CVE-2025-13021 9.8

A critical vulnerability in Firefox and Thunderbird's WebGPU component allows memory corruption due ...

Same vulnerability type (CWE-703)
CVE-2025-13022 9.8

A critical vulnerability in Firefox and Thunderbird's WebGPU component allows memory corruption due ...

Same vulnerability type (CWE-703)
CVE-2025-13023 9.8

A sandbox escape vulnerability in Firefox and Thunderbird's WebGPU component allows attackers to exe...

Same vulnerability type (CWE-703)