CVE-2025-24143

Summary

The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

Affected Software

VendorProductVersion RangeStatus
AppleSafari0 < 18.3affected
AppleiOS and iPadOS0 < 18.3affected
ApplemacOS0 < 15.3affected
ApplevisionOS0 < 2.3affected

Weaknesses

  • A maliciously crafted webpage may be able to fingerprint the user

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References