Apple fixed the first actively exploited zero-day of 2025

Pierluigi Paganini January 27, 2025

Apple addressed the first zero-day vulnerability of 2025, which is being actively exploited in the wild in attacks aimed at iPhone users.

Apple released security updates to address 2025’s first zero-day vulnerability, tracked as CVE-2025-24085, actively exploited in attacks targeting iPhone users.

The flaw is a privilege escalation vulnerability that impacts the Core Media framework.

“A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2,” reads the advisory ([1], [2], [3], [4], [5]) published by the IT giant.

The Apple Core Media framework supports multimedia tasks like playback, recording, and manipulation of audio and video on iOS and macOS devices.

The company addressed the use-after-free issue with improved memory management.

Threat actors exploited the vulnerability to target devices running iOS before iOS 17.2.

The vulnerability impacts iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.

Apple addressed the issue with the release of iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, visionOS 2.3, and tvOS 18.3.

As usual, the company did not share details regarding the attacks exploiting the flaw.

Vulnerabilities of this kind are usually exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks.

Customers are advised to install the security updates released by the company.

In 2024, Apple addressed six zero-day vulnerabilities in its products.
