CISA Adds Apple CVE-2025-24201 to KEV Catalog

CISA has added a serious Apple Webkit vulnerability to its Known Exploited Vulnerabilities catalog three days after Apple released fixes for the bug, which affects many Apple products. 

CVE: CVE-2025-24201

Why It Matters: The vulnerability is known to have been used in what Apple calls an “extremely sophisticated attack against specific targeted individuals”. Apple does not typically share more information about active exploitation than simply acknowledging that it’s happening, so there are no further details about who was targeted or in what fashion. The flaw affects several different versions of iPhones and iPads.

Key Details

• This vulnerability affects iOS and iPad OS 

• The fixed versions of the software are iOS and iPad OS 18.3.2

• The vulnerability is an out-of-bounds write that can allow an attacker to escape the Apple sandbox

• “Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2,” the Apple advisory says.

Apple does not release these kinds of supplemental or emergency patches very often, but when they do the bugs and associated attacks are something to pay close attention to.