CVE-2025-24113

Summary

The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface spoofing.

Affected Software

VendorProductVersion RangeStatus
AppleSafari0 < 18.3affected
AppleSafari0 < 18.4affected
AppleiOS and iPadOS0 < 18.3affected
AppleiOS and iPadOS0 < 18.4affected
AppleiPadOS0 < 17.7.6affected
ApplemacOS0 < 15.3affected
ApplemacOS0 < 15.4affected
ApplevisionOS0 < 2.3affected
ApplevisionOS0 < 2.4affected
ApplewatchOS0 < 11.4affected

Weaknesses

  • Visiting a malicious website may lead to user interface spoofing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References