Apple CoreMedia Use-After-Free Vulnerability Allowing App Termination

Vulnerability

A use-after-free vulnerability has been identified in the CoreMedia component of multiple Apple operating systems, including watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5, macOS Ventura 13.7.6, and visionOS 2.5. The vulnerability arises from improper memory management and can be exploited when a maliciously crafted media file is parsed, leading to an unexpected app termination.

Impact

Exploitation of this vulnerability causes an unexpected app termination.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 0.6
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.