Apple iPadOS
Moderate fix1 remedy
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*
Moderate fix1 remedy
Apple WebKit Arbitrary Code Execution Vulnerability
Vulnerability
Patched
A buffer overflow vulnerability in the WebKit component of multiple Apple operating systems, including iOS 17.4, iPadOS 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, and macOS Sonoma 14.4, has been identified. This vulnerability allows for arbitrary code execution when processing web content. The issue arises from improper memory handling, which can be exploited by maliciously crafted web content.
Impact
Exploitation of this vulnerability could lead to arbitrary code execution with the privileges of the user.
Reproduction
The vulnerability can be reproduced by processing a maliciously crafted image or web content, which triggers the buffer overflow due to inadequate input validation. This can be done through applications that utilize WebKit for rendering content, such as the Safari browser or other apps that embed a web view.
Remediation
Users can update to the latest versions of iOS, iPadOS, tvOS, watchOS, visionOS, or macOS to address this vulnerability.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
4.8remediation
7.7relevance
0.0threat
1.6urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.