CVE-2025-24189

8.8 HIGH

📋 TL;DR

This memory corruption vulnerability in Apple's WebKit browser engine allows attackers to execute arbitrary code by tricking users into visiting malicious websites. It affects Safari and all Apple operating systems that use WebKit for web content rendering. Users of unpatched Apple devices are vulnerable when browsing the web.

💻 Affected Systems

Products:
  • Safari
  • visionOS
  • iOS
  • iPadOS
  • macOS Sequoia
  • watchOS
  • tvOS
Versions: All versions before Safari 18.3, visionOS 2.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3
Operating Systems: macOS, iOS, iPadOS, watchOS, tvOS, visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable. Affects all Apple devices using WebKit for web rendering.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full device compromise, data theft, and persistent malware installation.

🟠

Likely Case

Arbitrary code execution within the browser sandbox, potentially leading to session hijacking, credential theft, and further exploitation.

🟢

If Mitigated

Limited impact due to browser sandboxing, but still potential for data exfiltration and limited system access.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (visiting malicious website) but no authentication. Memory corruption vulnerabilities often lead to reliable exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3

Vendor Advisory: https://support.apple.com/en-us/122066

Restart Required: Yes

Instructions:

1. Open System Settings (macOS) or Settings (iOS/iPadOS).
2. Go to General > Software Update.
3. Install available updates.
4. Restart the device when prompted.

🔧 Temporary Workarounds

Disable JavaScript (all platforms)

Prevents malicious web content from executing JavaScript that could trigger the vulnerability.

Safari: Safari > Settings > Security > uncheck 'Enable JavaScript'

Use Alternative Browser (macOS)

Switch to a browser that does not use the WebKit engine (Chrome or Firefox on macOS).

🧯 If You Can't Patch

  • Implement web filtering to block known malicious sites
  • Restrict browsing to trusted websites only

🔍 How to Verify

Check if Vulnerable:

Check Safari version: Safari > About Safari. For the OS version: macOS: Apple menu > About This Mac > Software Update; iOS/iPadOS: Settings > General > About > Software Version

Check Version:

macOS: sw_vers; iOS/iPadOS: Settings > General > About > Software Version

Verify Fix Applied:

Verify that the installed version matches or exceeds the patched versions listed under Official Fix > Patch Version above.
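The version comparison above, as an added example (not part of the advisory or of Apple's tooling): `version_ge`, `patched_version` and `check_version` are assumed helper names, the minimum versions are the ones listed under Official Fix, and `sw_vers -productVersion` is only invoked when the command exists, so the check also runs elsewhere on supplied version strings.

```shell
#!/bin/sh
# Added example: compare an installed version string against the minimum
# patched version for CVE-2025-24189. Assumes dotted numeric versions (e.g. 15.2.1).

# version_ge A B -> exit 0 when A >= B, comparing each dotted component numerically
# (a plain string comparison would wrongly rank 15.10 below 15.3)
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"
        [ -z "$ah" ] && ah=0          # missing component counts as 0 (15.3 == 15.3.0)
        [ -z "$bh" ] && bh=0
        if [ "$ah" -gt "$bh" ]; then return 0; fi
        if [ "$ah" -lt "$bh" ]; then return 1; fi
        case "$a" in *.*) a="${a#*.}";; *) a="";; esac
        case "$b" in *.*) b="${b#*.}";; *) b="";; esac
    done
    return 0
}

# patched_version PRODUCT -> minimum fixed version from the Official Fix section
patched_version() {
    case "$1" in
        macOS) echo 15.3 ;;
        iOS|iPadOS|tvOS|Safari) echo 18.3 ;;
        watchOS) echo 11.3 ;;
        visionOS) echo 2.3 ;;
        *) return 1 ;;
    esac
}

# check_version PRODUCT INSTALLED -> prints a verdict; exit 0 when patched,
# 1 when vulnerable, 2 when the product is not covered by this advisory
check_version() {
    req=$(patched_version "$1") || { echo "unknown product: $1"; return 2; }
    if version_ge "$2" "$req"; then
        echo "$1 $2: patched (>= $req)"; return 0
    fi
    echo "$1 $2: VULNERABLE (needs $req)"; return 1
}

# On a Mac, read the installed version with sw_vers (the command the advisory cites)
if command -v sw_vers >/dev/null 2>&1; then
    check_version macOS "$(sw_vers -productVersion)"
fi
```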

📡 Detection & Monitoring

Log Indicators:

  • Safari/WebKit crash logs
  • Unexpected process termination
  • Memory access violation logs

Network Indicators:

  • Connections to suspicious domains followed by browser crashes
  • Unusual outbound traffic from browser processes

SIEM Query:

source="*safari*" AND (event="crash" OR event="memory_access_violation")
