Apple has recently released iOS 18.3.2 and iPadOS 18.3.2, addressing CVE-2025-24201, a vulnerability that had been actively exploited in the wild prior to its remediation. Due to the sophisticated nature of the attacks leveraging this flaw, it falls within the category of zero-day vulnerabilities.
According to Apple’s advisory, attackers could craft malicious web content to escape WebKit’s sandbox, allowing them to break out of the browser’s security constraints and impact other critical components of the operating system. A similar vulnerability had been patched in iOS 17.2, and this latest update serves as a supplementary fix to that previous remediation. Apple has confirmed that, before the release of iOS 17.2, threat actors had weaponized this flaw to carry out highly complex, targeted attacks against specific individuals.
Notably, in a separate February security update, Apple used identical wording—“highly sophisticated attacks targeting specific individuals”—to describe the exploitation of another zero-day vulnerability. Given that Apple had not previously employed such language in its security advisories, it strongly suggests a possible connection between the two zero-day exploits.
Vulnerability Summary:
- CVE ID: CVE-2025-24201
- WebKit Tracking ID: 285858
- Description: An out-of-bounds write issue has been resolved through improved validation checks, preventing unauthorized operations.
Supported Devices for iOS 18.3.2 and iPadOS 18.3.2:
- iPhone XS and later models
- iPad Pro 13-inch
- iPad Pro 12.9-inch (3rd generation and later)
- iPad Pro 11-inch (1st generation and later)
- iPad Air (3rd generation and later)
- iPad (7th generation and later)
- iPad Mini (5th generation and later)
