CVE-2024-54525
moderate-risk
Published 2025-03-17
A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.
Do I need to act?
~
1.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Vendors
References (5)
Release Notes
https://support.apple.com/en-us/121837
Release Notes
https://support.apple.com/en-us/121839
Release Notes
https://support.apple.com/en-us/121843
Release Notes
https://support.apple.com/en-us/121844
Release Notes
https://support.apple.com/en-us/121845
47
/ 100
moderate-risk
Severity
30/34 · Critical
Exploitability
4/34 · Minimal
Exposure
13/34 · Low