Severity
Medium
Analysis Summary
CVE-2025-24132 CVSS:9.8
Apple macOS Sequoia, tvOS, macOS Ventura, iPadOS, macOS Sonoma, iOS, iPadOS and visionOS are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the AirPlay protocol. By using Wi-fi, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-42973 CVSS:4
Apple iOS and iPadOS could allow a remote attacker to access private browsing tabs, caused by improper authentication validation.
CVE-2023-42961 CVSS:4
Apple macOS, iOS and iPadOS could allow a local attacker to bypass sandbox restrictions, caused by improper path handling.
CVE-2023-42983 CVSS:4.4
Apple macOS could allow a remote attacker to obtain memory contents or cause a denial of service condition, caused by improper input validation by the Model I/O component.
Impact
- Buffer Overflow
- Information Disclosure
- Security Bypass
Indicators of Compromise
CVE
CVE-2025-24132
CVE-2023-42973
CVE-2023-42961
CVE-2023-42983
Affected Vendors
- Apple
Affected Products
- Apple macOS Ventura
- Apple iOS - 18.3.0
- Apple iOS and iPadOS - 16
- Apple tvOS - 18.3
- Apple iPadOS - 17.7.5
- Apple macOS Sequoia - 15.3
Remediation
Refer to the Apple security document for patch, upgrade, or suggested workaround information.