Login Sign Up

CVE-2025-24210

5.5 MEDIUM

📋 TL;DR

A logic error in image parsing across multiple Apple operating systems could lead to disclosure of user information when processing malicious images. This vulnerability affects users running outdated versions of visionOS, macOS, tvOS, iPadOS, and iOS. The issue allows potential information leakage through crafted image files.

💻 Affected Systems

Products:
  • visionOS
  • macOS
  • tvOS
  • iPadOS
  • iOS
Versions: Versions prior to the fixed versions listed in the description
Operating Systems: visionOS, macOS, tvOS, iPadOS, iOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected Apple operating systems are vulnerable until patched. The vulnerability affects image parsing functionality.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

Visionos by Apple

View all CVEs affecting Visionos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sensitive user data (potentially including personal information, device identifiers, or application data) could be exfiltrated to an attacker through a malicious image file.

🟠

Likely Case

Limited information disclosure such as metadata, temporary files, or non-critical system information could be exposed when processing untrusted images.

🟢

If Mitigated

With proper controls like sandboxing and input validation, impact would be minimal to none as the vulnerability would be contained.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction to process a malicious image file. No public exploit code has been disclosed as of this analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5

Vendor Advisory: https://support.apple.com/en-us/122371

Restart Required: Yes

Instructions:

1. Open Settings/System Preferences 2. Navigate to Software Update 3. Install the latest available update for your device 4. Restart the device when prompted

🔧 Temporary Workarounds

Disable automatic image processing

all

Configure applications to not automatically process or preview image files from untrusted sources

Use application sandboxing

all

Ensure applications that process images run with appropriate sandboxing restrictions

🧯 If You Can't Patch

  • Implement network filtering to block malicious image files at perimeter
  • Deploy endpoint detection to monitor for suspicious image processing behavior

🔍 How to Verify

Check if Vulnerable:

Check current OS version against affected versions listed in Apple security advisories

Check Version:

On macOS: sw_vers -productVersion; On iOS/iPadOS: Settings > General > About > Version

Verify Fix Applied:

Verify OS version matches or exceeds the patched versions listed in the fix information

📡 Detection & Monitoring

Log Indicators:

  • Unexpected crashes in image processing applications
  • Unusual file access patterns by image processing services

Network Indicators:

  • Unexpected outbound connections following image file processing
  • Suspicious image file downloads

SIEM Query:

source="apple_system_logs" AND (process="image" OR process="parsing") AND (event="crash" OR event="error")

📊 Metadata

CVE ID: CVE-2025-24210
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-783
EPSS Score: 0.05% exploit probability (16.1th percentile)
Published: March 31, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-24210, you might also want to check these:

CVE-2026-25233 9.1

This vulnerability in PEAR (PHP Extension and Application Repository) allows non-lead maintainers to...

Same vulnerability type (CWE-783)
CVE-2024-20314 8.6

This vulnerability in Cisco IOS XE Software's IPv4 SD-Access fabric edge node allows unauthenticated...

Same vulnerability type (CWE-783)
CVE-2024-20480 8.6

An unauthenticated remote attacker can send specially crafted IPv4 DHCP packets to Cisco IOS XE SD-A...

Same vulnerability type (CWE-783)