AI description
CVE-2025-24203 is a vulnerability affecting Apple's macOS and iPadOS operating systems. It allows an application to modify protected parts of the file system due to insufficient checks in the system's file protection mechanisms. Apple addressed this issue by implementing improved checks to prevent unauthorized modifications to protected file system areas. The vulnerability is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. Users are advised to update their systems to the latest versions to protect against this vulnerability.
- Description
- The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 5
- Impact score
- 3.6
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
6
iOSのカーネル脆弱性CVE-2025-24203に対応するPoC(攻撃の概念実証コード)が公開された。“dirtyZero”あるいは“mdc0”と呼ばれている脆弱性で、Jailbreak不要でファイルシステムへの変更が可能なもの。メモリ管理
@__kokumoto
1673 Impressions
8 Retweets
20 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-24203 هذه الثغرة تذكرني في بدايات انحراف الجيلبريك يوم طلع لنا فيلزا ipa ويوم يطلع لنا مزايا لنظام مثل اخفاء الدوك وغيرة والان طالع لنا iDevice Toolkit • dirtyZer
@ios8me
3723 Impressions
4 Retweets
31 Likes
7 Bookmarks
1 Reply
0 Quotes
[RELEASE] iDevice ToolKit is now out! An iOS 16.0 - 18.3.2 tweaking / customization app based on Ian Beer's CVE-2025-24203 exploit! All Devices. ✅ Download the IPA here: https://t.co/eiORVbY6Zr This app enables system-level tweaks without a jailbreak, and works on all devices
@minacris_
2884 Impressions
10 Retweets
40 Likes
10 Bookmarks
4 Replies
0 Quotes
👉 CVE-2025-24203, a security vulnerability in iOS that allowed arbitrary read/write, enabling bypass of Pointer Authentication, as noted in Apple’s iOS 18.4.1 security update; it was exploited in targeted attacks before being patched in iOS 18.4. 👉 The linked GitHub proj
@Your_Gift_Code
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
👉 Basic customization app using CVE-2025-24203. Patched in iOS 18.4. 👉 Anyone on iOS 18.5 can still downgrade to 18.3 RC! 👉 https://t.co/SCzBSsyhrx
@Your_Gift_Code
135 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[RELEASE] iDevice ToolKit is now out! An iOS 16.0 - 18.3.2 tweaking / customization app based on Ian Beer's CVE-2025-24203 exploit! All Devices. ✅ Download the IPA here: https://t.co/scFEDg4e2b This app enables system-level tweaks without a jailbreak, and works on all devices
@FCE365
28444 Impressions
35 Retweets
166 Likes
57 Bookmarks
23 Replies
2 Quotes
`CVE-2025-24203`: hierarchy of vm_object_t when changing `MAP_SHARED` to `MAP_PRIVATE`. The topmost object has its own physical page. https://t.co/qeDJYKs9je
@ProteasWang
5965 Impressions
13 Retweets
70 Likes
22 Bookmarks
0 Replies
0 Quotes
RELEASE: I created a Swift port for the CVE-2025-24203 exploit by Ian Beer of Google Project Zero. It's part of my upcoming iDevice Toolkit app. Feel free to use it in your project. Compatibility: iOS 16.0 - iOS 18.3.2, All Devices. Does NOT work on: iOS 18.4+, iOS 17.7.6+ http
@minacris_
2734 Impressions
4 Retweets
17 Likes
6 Bookmarks
1 Reply
0 Quotes
I’d like to get into the specifics of CVE-2025-24203, the exploit that dirtyZero and other apps alike use. This exploit cannot overwrite files, so most tweaks from the MDC days cannot work. However, you can delete files, which is why removing things like the dock background wor
@lunginspector
8448 Impressions
0 Retweets
55 Likes
8 Bookmarks
4 Replies
1 Quote
RELEASE: I created a Swift port for the CVE-2025-24203 exploit by Ian Beer of Google Project Zero. It's part of my upcoming iDevice Toolkit app. Feel free to use it in your project. Compatibility: iOS 16.0 - iOS 18.3.2, All Devices. Does NOT work on: iOS 18.4+, iOS 17.7.6+ http
@FCE365
38270 Impressions
13 Retweets
93 Likes
25 Bookmarks
6 Replies
3 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-37752 2 - CVE-2025-0995 3 - CVE-2025-1550 4 - CVE-2025-24203 5 - CVE-2025-32819 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Brothers, is there anyone who can take advantage of the CVE-2025-24203 vulnerability to let me enter the var system directory? I'm willing to pay $500 for the hard work. https://t.co/keVjNLboQ1
@Vy0dN25knB21999
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
iOS 18.3 using the new exploit that zeroes files in ram out (CVE-2025-24203) https://t.co/UF6TCoRoCj
@minacris_
3441 Impressions
2 Retweets
34 Likes
6 Bookmarks
1 Reply
0 Quotes
iOS 18.3 using the new exploit that zeroes files in ram out (CVE-2025-24203) https://t.co/drwy8irVaR
@c4ndyf1sh
20515 Impressions
13 Retweets
216 Likes
56 Bookmarks
3 Replies
1 Quote
I’ve attempted to make a simple iOS application to get some usage out of CVE-2025-24203, based upon dirtyZero by @skadz108 https://t.co/DdMn0LBhci
@MWRevamped
6400 Impressions
2 Retweets
50 Likes
27 Bookmarks
5 Replies
1 Quote
dirtyZero v0.2. Released A simple customization toolbox, utilizing CVE-2025-24203 https://t.co/T5XuGehI8b changes new ui (thx @lunginspector) updated disclaimer https://t.co/UPylbVao99
@ZeeJailbreak
427 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
(CVE-2025-24203) VM_BEHAVIOR_ZERO_WIRED_PAGES The behavior allows writing to read-only pages. It's kind of interesting.
@lczyyds668
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 dirtyZero v0.1 is here! Hide the Dock & Home Bar on iOS 18.3.2 and below — no jailbreak needed. Powered by CVE-2025-24203 (POC app) 🔥 👉 https://t.co/Yp5dT4kFUo By @skadz108 #dirtyZero #iOS18 #iOS1832 #iPhone #NoJailbreak #AltStore #SideStore #Sideloading http
@senumy_jb
2837 Impressions
4 Retweets
40 Likes
12 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBFFCD3D-705F-4D23-8F1F-F5F4D880E7A5",
"versionEndExcluding": "17.7.6"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAFA86AE-8EE9-414C-9FD2-C8551FF2A5CC",
"versionEndExcluding": "13.7.5",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05DCA25-A1A0-4AEA-9F31-952803114EE2",
"versionEndExcluding": "14.7.5",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1320B815-0457-4276-83B9-AFAFDAF17EDA",
"versionEndExcluding": "15.4",
"versionStartIncluding": "15.0"
}
],
"operator": "OR"
}
]
}
]