Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in Apple Products
Alerts

Critical Vulnerability in Apple Products

4 February 2025

Apple has released security updates addressing a critical vulnerability (CVE-2025-24118) in their products.

The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10 and the Proof of Concept exploit is publicly available.

Successful exploitation of the vulnerability may allow an attacker to perform privilege escalation, memory corruption and execute kernel-level arbitrary code.

The vulnerability has been fixed in the following devices and operating system versions:

  • macOS Sonoma 14.7.3

  • macOS Sequoia 15.3

  • iPadOS 17.7.4

Users and administrators of affected products are advised to update to the latest versions immediately.

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2025-24118

https://securityonline.info/poc-exploit-released-for-macos-kernel-vulnerability-cve-2025-24118-cvss-9-8/

https://support.apple.com/en-us/12206