On Monday, Apple rolled out critical security updates to address several vulnerabilities affecting iPhones, Macs, and other devices, including a zero-day vulnerability actively exploited in the wild to target iPhone users.
The zero-day vulnerability, identified as CVE-2025-24085 (no CVSS score assigned yet), is a use-after-free flaw in Apple’s Core Media component that could allow a pre-installed malicious application to gain elevated privileges on vulnerable devices.
According to Apple, the Core Media is a foundational framework within the Apple operating system that offers the underlying structure for processing and managing media data like video and audio.
It is the media pipeline used by AVFoundation and other high-level media frameworks found on Apple platforms.
“Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2,” the company wrote in the advisory ([1], [2], [3], [4], [5]) published on Monday.
The zero-day vulnerability affected a broad range of Apple devices, including:
- iPhone XS and later
- iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later)
- Macs running macOS Sequoia 15.3
- Apple Watch Series 6 and later
- Apple TV HD and Apple TV 4K (all models)
- Apple Vision Pro running visionOS 2.3
Apple has resolved the CVE-2025-24085 vulnerability by releasing software updates — iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, visionOS 2.3, and tvOS 18.3 — with improved memory management.
Meanwhile, the company has not provided any information on how the above vulnerability was exploited, by whom, or who may have been targeted.
It has also not attributed the discovery of the vulnerability to a researcher.
Users are urged to update their iPhone, iPad, Mac, Apple Watch, and Apple TV immediately with the latest security updates to stay protected against potential threats.
Enable automatic updates to ensure you receive future patches on your devices without delay.
Further, avoid clicking on suspicious links and only download apps from trusted sources to reduce the risk of vulnerabilities.
