July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Intel Products Vulnerabilities
May 19, 2025Actively Exploited Zero-Day Vulnerability Discovered in Ivanti EPMM
May 19, 2025Multiple Intel Products Vulnerabilities
May 19, 2025Actively Exploited Zero-Day Vulnerability Discovered in Ivanti EPMM
May 19, 2025
Severity
High
Analysis Summary
CVE-2025-24223 CVSS:8.8
Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by an issue in the WebKit component when visiting a specially crafted Web site.
CVE-2025-31241 CVSS:7.5
Apple visionOS is vulnerable to a denial of service, caused by a double free issue in the Kernel component when using a specially crafted application.
CVE-2025-31251 CVSS:7.8
Apple visionOS could allow a remote attacker to execute arbitrary code on the system, caused by an issue in the AppleJPEG component when opening a specially crafted file.
Impact
- Code Execution
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-24223
CVE-2025-31241
CVE-2025-31251
Affected Vendors
- Apple
Affected Products
- Apple macOS - unspecified
- Apple tvOS - unspecified
- Apple watchOS - unspecified
- Apple iOS and iPadOS - unspecified
- Apple iPadOS - unspecified
- Apple visionOS - 2.4.0
- Apple Safari - 18.4
Remediation
Refer to Apple Security Advisory for patch, upgrade, or suggested workaround information.