CVE-2025-24143 — MEDIUM (6.5)

Q: How severe is CVE-2025-24143?

CVE-2025-24143 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-24143?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Ipados, Apple Macos, Apple Visionos.

Vulnerability Description

The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Apple	Safari	< 18.3
Apple	Ipados	< 18.3
Apple	Macos	< 15.3
Apple	Visionos	< 2.3

Related Weaknesses (CWE)

CWE-862

References

FAQ

What is CVE-2025-24143?

CVE-2025-24143 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webp...

How severe is CVE-2025-24143?

CVE-2025-24143 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-24143?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Ipados, Apple Macos, Apple Visionos.