{"vulnerability": "CVE-2025-24159", "sightings": [{"uuid": "fb97ad6a-23f9-4521-ae71-be47f1afa12d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqxvoeapy2c", "content": "", "creation_timestamp": "2025-01-27T22:19:12.623379Z"}, {"uuid": "3db42c2c-5a2c-4eb4-a23c-cfe4b29425f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgsnm5mjrc2f", "content": "", "creation_timestamp": "2025-01-28T14:20:16.680606Z"}, {"uuid": "14acfa16-b779-46d6-9516-6a4ea19dbe71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "Telegram/rZuPY8uiZ7CWYEKspQjwvL0cBaWNM24mhZEA78AJI-WcjXo", "content": "", "creation_timestamp": "2026-04-02T22:13:49.000000Z"}, {"uuid": "f279c245-09dd-405f-b261-cdf429bb4aa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgraunobni2y", "content": "", "creation_timestamp": "2025-01-28T00:59:45.851455Z"}, {"uuid": "6a343fb8-b58b-470f-8664-e5d0c149b3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "exploited", "source": "https://t.me/itsec_news/5245", "content": "\u200b\u26a1\ufe0fApple \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f 2025 \u0433\u043e\u0434\u0430\n\n\ud83d\udcac Apple \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f iPhone, iPad, \u043e\u0447\u043a\u0438 Vision Pro, Apple TV \u0438 macOS Sequoia, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0432, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-24085 , \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 use-after-free() \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 CoreMedia , \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0430\u0443\u0434\u0438\u043e \u0438 \u0432\u0438\u0434\u0435\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Apple. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0437\u0430 \u0441\u0447\u0435\u0442 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e.\n\n\u0414\u0435\u0442\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u0442\u0435\u0445, \u043a\u0442\u043e \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b, \u043f\u043e\u043a\u0430 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438. \u0421\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. Apple \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u043e\u0442\u0438\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 iOS \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e iOS 17.2. \u042d\u0442\u043e \u043f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0432 2025 \u0433\u043e\u0434\u0443.\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Apple \u0443\u0442\u043e\u0447\u043d\u0438\u043b\u0430: \u00ab\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. Apple \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438, \u0447\u0442\u043e \u044d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u0440\u043e\u0442\u0438\u0432 \u0432\u0435\u0440\u0441\u0438\u0439 iOS \u0434\u043e iOS 17.2\u00bb.\n\nApple \u043d\u0435 \u0443\u043a\u0430\u0437\u0430\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438\u043b\u0438 \u0433\u0440\u0443\u043f\u043f\u0443, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0443\u044e CVE-2025-24085, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 CVSS-\u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0434\u0435\u0442\u0430\u043b\u0438. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u041e\u0421 Apple.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0440\u044f\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f iPhone \u0438 iPad. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f iOS 18.3 \u0438 iPadOS 18.3 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f iPhone XS \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f iPad Pro (13 \u0438 12.9 \u0434\u044e\u0439\u043c\u043e\u0432), iPad Air (3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435), iPad (7-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435) \u0438 iPad mini (5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435).\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0447\u043a\u043e\u0432 Apple Vision Pro \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e visionOS 2.3 , \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c Apple TV \u2014 \u0434\u043e tvOS 18.3 , \u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c macOS Sequoia \u2014 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 15.3 . \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f Apple Watch Series 6 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 watchOS 11.3 .\n\n\u041f\u043e\u043c\u0438\u043c\u043e CVE-2025-24085, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, CVE-2025-24137 \u0432 iOS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 AirPlay, CVE-2025-24145 \u043c\u043e\u0433\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u043d\u043e\u043c\u0435\u0440 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0447\u0435\u0440\u0435\u0437 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043b\u043e\u0433\u0438, \u0430 CVE-2025-24107 \u0438 CVE-2025-24159 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u044f\u0434\u0440\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-24128 \u0432 Safari \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0430\u0434\u0440\u0435\u0441\u043d\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443 \u0434\u043b\u044f \u043f\u043e\u0434\u043c\u0435\u043d\u044b \u0441\u0441\u044b\u043b\u043a\u0438.\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0448\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f macOS Sonoma 14.7.3 \u0438 Ventura 13.7.3 , \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043b\u044f CVE-2025-24159 \u0432 \u044f\u0434\u0440\u0435.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-01-28T08:37:14.000000Z"}, {"uuid": "44c6c6ee-56ec-4684-9d11-ee1e62ab86b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8046", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24159\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2025-01-27T21:45:57.297Z\n\ud83d\udccf Modified: 2025-03-19T14:05:27.746Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122069\n2. https://support.apple.com/en-us/122073\n3. https://support.apple.com/en-us/122072\n4. https://support.apple.com/en-us/122068\n5. https://support.apple.com/en-us/122067\n6. https://support.apple.com/en-us/122071\n7. https://support.apple.com/en-us/122066", "creation_timestamp": "2025-03-19T14:16:37.000000Z"}, {"uuid": "56f4c130-30a3-4ad9-80ef-68d9803d6195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24159\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2025-01-28T00:32:15Z\n\ud83d\udccf Modified: 2025-01-28T00:32:15Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-24159\n2. https://support.apple.com/en-us/122066\n3. https://support.apple.com/en-us/122067\n4. https://support.apple.com/en-us/122068\n5. https://support.apple.com/en-us/122069\n6. https://support.apple.com/en-us/122071\n7. https://support.apple.com/en-us/122072\n8. https://support.apple.com/en-us/122073", "creation_timestamp": "2025-01-28T01:08:10.000000Z"}, {"uuid": "3b830e7d-2c21-4088-96cd-8fad3361a7f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24159", "type": "seen", "source": "https://t.me/cvedetector/16542", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24159 - \"Apple iOS/WatchOS/TVOS/OS Escalation of Privilege\"\", \n  \"Content\": \"CVE ID : CVE-2025-24159 \nPublished : Jan. 27, 2025, 10:15 p.m. | 36\u00a0minutes ago \nDescription : A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T00:23:42.000000Z"}]}