CVE-2025-24144 is a medium-severity information disclosure vulnerability identified in Apple’s iOS and iPadOS platforms, as well as other Apple operating systems such as macOS Sequoia, macOS Sonoma, macOS Ventura, tvOS, visionOS, and watchOS. The vulnerability arises from a flaw in the kernel code that could allow a locally executed app to leak sensitive kernel state information. This leakage could expose critical system details that may aid attackers in further compromising the device or bypassing security mechanisms. The vulnerability has a CVSS v3.1 base score of 5.5, reflecting its moderate impact and exploitation complexity. The attack vector is local (AV:L), requiring the attacker to have physical or logical access to the device. No privileges are required (PR:N), but user interaction is necessary (UI:R), such as installing or running a malicious app. The scope is unchanged (S:U), and the impact affects confidentiality (C:H) without affecting integrity or availability. Apple fixed the issue by removing the vulnerable code in iOS 18.3, iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.3, visionOS 2.3, and watchOS 11.3. The vulnerability is classified under CWE-200 (Exposure of Sensitive Information). There are no known exploits in the wild at this time, but the disclosure highlights the importance of timely patching to prevent potential information leakage that could facilitate further attacks.

The primary impact of CVE-2025-24144 is the unauthorized disclosure of sensitive kernel state information, which compromises confidentiality. This leakage could provide attackers with insights into kernel memory layout, security mechanisms, or other protected data, potentially enabling privilege escalation or bypassing security controls in subsequent attacks. Although the vulnerability does not directly affect system integrity or availability, the exposure of kernel state can undermine the overall security posture of affected devices. Organizations relying on Apple devices for sensitive operations, including enterprises, government agencies, and critical infrastructure sectors, may face increased risk if attackers leverage this information to craft more sophisticated exploits. The requirement for local access and user interaction limits the scope somewhat, but targeted attacks or malicious apps distributed through social engineering could still pose significant threats. Failure to patch could lead to data breaches, loss of sensitive information, and erosion of trust in device security.

To mitigate CVE-2025-24144, organizations and users should promptly update all affected Apple devices to the patched OS versions: iOS 18.3, iPadOS 18.3 and 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.3, visionOS 2.3, and watchOS 11.3. Beyond patching, organizations should enforce strict app installation policies, limiting installation to trusted sources such as the official Apple App Store and employing Mobile Device Management (MDM) solutions to control app permissions and monitor for suspicious activity. User education on the risks of installing untrusted apps and social engineering tactics is critical to reduce the likelihood of exploitation. Additionally, employing runtime protections such as kernel integrity monitoring and anomaly detection can help identify attempts to exploit leaked kernel information. Regular security audits and vulnerability assessments on Apple devices will further enhance detection and response capabilities.