CVE-2025-24225

Summary

An injection issue was addressed with improved input validation. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing an email may lead to user interface spoofing.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOS0 < 18.5affected
AppleiPadOS0 < 17.7.7affected

Weaknesses

  • Processing an email may lead to user interface spoofing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References