CVE-2025-24113

EUVD-2025-3625
The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface spoofing.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
applesafari
𝑥
< 18.3
appleipados
𝑥
< 18.3
appleiphone_os
𝑥
< 18.3
applemacos
𝑥
< 15.3
applevisionos
𝑥
< 2.3
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/122066
https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122073
https://support.apple.com/en-us/122074
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122372
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122376
https://support.apple.com/en-us/122378
https://support.apple.com/en-us/122379
http://seclists.org/fulldisclosure/2025/Apr/12
http://seclists.org/fulldisclosure/2025/Apr/13
http://seclists.org/fulldisclosure/2025/Apr/2
http://seclists.org/fulldisclosure/2025/Apr/4
http://seclists.org/fulldisclosure/2025/Apr/5
http://seclists.org/fulldisclosure/2025/Apr/8
http://seclists.org/fulldisclosure/2025/Jan/12
http://seclists.org/fulldisclosure/2025/Jan/13
http://seclists.org/fulldisclosure/2025/Jan/15
http://seclists.org/fulldisclosure/2025/Jan/20