Apple has released critical security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2025-24085. Continue reading this Cybersecurity Threat Advisory in full to learn what devices are affected and how you can mitigate your risk regarding this vulnerability.
What is the threat?
CVE-2025-24085 is a privilege escalation vulnerability within Apple’s Core Media framework. This vulnerability allows a malicious application already installed on a device to elevate its privileges, potentially leading to unauthorized access to sensitive data, system compromise, or further malicious activity.
Why is this noteworthy?
The vulnerability is particularly significant because it impacts a vast range of Apple devices including iPhones, iPads, Macs, Apple Watches, Apple TVs, and even the recently launched Apple Vision Pro. Apple’s swift response highlights the ongoing risks of targeted attacks against both older and newer devices within its ecosystem.
What is the exposure or risk?
If left unpatched, the vulnerability exposes users to sophisticated attacks, including unauthorized privilege escalation, in which malicious applications gain elevated privileges and potentially take control of user endpoints. Attackers have already exploited the flaw, indicating that they could target users through specific attacks.
Additionally, the vulnerability impacts a wide range of devices, including:
- iPhones (XS and newer)
- iPads (7th generation and later)
- macOS Sequoia systems
- Apple Watches (Series 6 and later)
- Apple TVs
Although Apple has not disclosed specific details about the attackers or the methods employed, the exploitation of this vulnerability highlights the imminent danger of further attacks and the urgent need to address this security flaw.
What are the recommendations?
Barracuda recommends the following actions to mitigate your risk against this vulnerability:
- Update affected devices to the latest software versions.
- Configure devices to automatically download and install security updates to reduce exposure to future vulnerabilities.
- Audit devices for unauthorized or suspicious applications and remove any applications that you have not explicitly approved or do not recognize.
- Enforce policies that prevent the installation of apps from untrusted sources, limiting downloads to verified apps from the Apple App Store.
References:
For more in-depth information about the recommendations, please visit the following links:
- https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html?m=1
- https://securityonline.info/cve-2025-24085-apple-patches-actively-exploited-zero-day-vulnerability/
- https://www.securityweek.com/apple-patches-first-exploited-ios-zero-day-of-2025/
- https://nvd.nist.gov/vuln/detail/CVE-2025-24085
If you have any questions about this Cybersecurity Threat Advisory, don’t hesitate to get in touch with Barracuda Managed XDR’s Security Operations Center.