Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-24200 (GCVE-0-2025-24200)
Vulnerability from cvelistv5 – Published: 2025-02-10 19:04 – Updated: 2025-11-03 21:07
VLAI?
EPSS
CISA
Summary
An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Severity ?
6.1 (Medium)
CWE
- A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||
|
|||||||||
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog
Date added: 2025-02-12
Due date: 2025-03-05
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Used in ransomware: Unknown
Notes: https://support.apple.com/en-us/122173 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24200
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:07:31.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Feb/7"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Feb/8"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Apr/7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24200",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T04:55:19.603091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-02-12",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:29.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-12T00:00:00+00:00",
"value": "CVE-2025-24200 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T19:04:45.242Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122173"
},
{
"url": "https://support.apple.com/en-us/122174"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-24200",
"datePublished": "2025-02-10T19:04:45.242Z",
"dateReserved": "2025-01-17T00:00:44.999Z",
"dateUpdated": "2025-11-03T21:07:31.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2025-24200",
"cwes": "[\"CWE-863\"]",
"dateAdded": "2025-02-12",
"dueDate": "2025-03-05",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://support.apple.com/en-us/122173 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24200",
"product": "iOS and iPadOS",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device.",
"vendorProject": "Apple",
"vulnerabilityName": "Apple iOS and iPadOS Incorrect Authorization Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-24200\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2025-02-10T19:15:40.107\",\"lastModified\":\"2025-11-04T15:23:42.597\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.\"},{\"lang\":\"es\",\"value\":\"Se solucion\u00f3 un problema de autorizaci\u00f3n con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en iPadOS 17.7.5, iOS 18.3.1 y iPadOS 18.3.1. Un ataque f\u00edsico puede desactivar el modo restringido de USB en un dispositivo bloqueado. Apple tiene conocimiento de un informe que indica que este problema puede haber sido explotado en un ataque extremadamente sofisticado contra individuos espec\u00edficos. \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":5.2},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":5.2}]},\"cisaExploitAdd\":\"2025-02-12\",\"cisaActionDue\":\"2025-03-05\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Apple iOS and iPadOS Incorrect Authorization Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.8.4\",\"matchCriteriaId\":\"307F4698-5786-4CA5-98A8-E3AAF1E7A09D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0\",\"versionEndExcluding\":\"17.7.5\",\"matchCriteriaId\":\"A5E5F39B-44E2-4B72-8FC3-B5224F0E26F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0\",\"versionEndExcluding\":\"18.3.1\",\"matchCriteriaId\":\"A77F4D69-3C11-4074-A7E6-C85767F026EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.8.4\",\"matchCriteriaId\":\"F8A92F23-F3AF-4365-B405-70AFC1D9ECB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0\",\"versionEndExcluding\":\"18.3.1\",\"matchCriteriaId\":\"81B77B4A-A57B-43BC-B404-E3E75F80A3A3\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/122173\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/122174\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2025/Apr/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2025/Feb/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2025/Feb/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://seclists.org/fulldisclosure/2025/Feb/7\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/Feb/8\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/Apr/7\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T21:07:31.682Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-24200\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-13T04:55:19.603091Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2025-02-12\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-02-12T00:00:00+00:00\", \"value\": \"CVE-2025-24200 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863 Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-11T14:57:03.363Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Apple\", \"product\": \"iPadOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"17.7\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"iOS and iPadOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"18.3\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://support.apple.com/en-us/122173\"}, {\"url\": \"https://support.apple.com/en-us/122174\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.\"}]}], \"providerMetadata\": {\"orgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"shortName\": \"apple\", \"dateUpdated\": \"2025-02-10T19:04:45.242Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-24200\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T21:07:31.682Z\", \"dateReserved\": \"2025-01-17T00:00:44.999Z\", \"assignerOrgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"datePublished\": \"2025-02-10T19:04:45.242Z\", \"assignerShortName\": \"apple\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-HVW5-4G4Q-2H8P
Vulnerability from github – Published: 2025-02-10 21:31 – Updated: 2025-11-03 21:32
VLAI?
Details
An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2025-24200"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-10T19:15:40Z",
"severity": "HIGH"
},
"details": "An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.",
"id": "GHSA-hvw5-4g4q-2h8p",
"modified": "2025-11-03T21:32:41Z",
"published": "2025-02-10T21:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24200"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122173"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122174"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/7"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Feb/7"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Feb/8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
NCSC-2025-0103
Vulnerability from csaf_ncscnl - Published: 2025-04-01 08:42 - Updated: 2025-04-01 08:42Summary
Kwetsbaarheden verholpen in Apple iOS en iPadOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apple heeft meerdere kwetsbaarheden verholpen in iOS en iPadOS.
Interpretaties
De kwetsbaarheden omvatten onder andere geheugenbeheerproblemen, ongeautoriseerde toegang tot gevoelige gebruikersdata, en de mogelijkheid voor applicaties om hun sandbox-omgevingen te ontsnappen. Deze kwetsbaarheden konden leiden tot ongeautoriseerde toegang, gegevenswijzigingen, of zelfs Denial-of-Service. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide app te installeren of link te volgen.
Oplossingen
Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1025
Comparison Using Wrong Factors
CWE-697
Incorrect Comparison
CWE-125
Out-of-bounds Read
CWE-284
Improper Access Control
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-863
Incorrect Authorization
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-20
Improper Input Validation
CWE-276
Incorrect Default Permissions
CWE-275
CWE-275
CWE-770
Allocation of Resources Without Limits or Throttling
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Apple heeft meerdere kwetsbaarheden verholpen in iOS en iPadOS.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten onder andere geheugenbeheerproblemen, ongeautoriseerde toegang tot gevoelige gebruikersdata, en de mogelijkheid voor applicaties om hun sandbox-omgevingen te ontsnappen. Deze kwetsbaarheden konden leiden tot ongeautoriseerde toegang, gegevenswijzigingen, of zelfs Denial-of-Service. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide app te installeren of link te volgen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Comparison Using Wrong Factors",
"title": "CWE-1025"
},
{
"category": "general",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
},
{
"category": "general",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://support.apple.com/en-us/122345"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://support.apple.com/en-us/122346"
},
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd",
"url": "https://support.apple.com/en-us/122372"
},
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd",
"url": "https://support.apple.com/en-us/122371"
}
],
"title": "Kwetsbaarheden verholpen in Apple iOS en iPadOS",
"tracking": {
"current_release_date": "2025-04-01T08:42:27.059536Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0103",
"initial_release_date": "2025-04-01T08:42:27.059536Z",
"revision_history": [
{
"date": "2025-04-01T08:42:27.059536Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/16.7.11",
"product": {
"name": "vers:apple/16.7.11",
"product_id": "CSAFPID-2588450"
}
},
{
"category": "product_version_range",
"name": "vers:apple/18.2",
"product": {
"name": "vers:apple/18.2",
"product_id": "CSAFPID-1432307"
}
},
{
"category": "product_version_range",
"name": "vers:apple/18.3",
"product": {
"name": "vers:apple/18.3",
"product_id": "CSAFPID-1902947"
}
},
{
"category": "product_version_range",
"name": "vers:apple/18.3.2",
"product": {
"name": "vers:apple/18.3.2",
"product_id": "CSAFPID-2462478"
}
},
{
"category": "product_version_range",
"name": "vers:apple/18.4",
"product": {
"name": "vers:apple/18.4",
"product_id": "CSAFPID-2588454"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003c18.2",
"product": {
"name": "vers:unknown/\u003c18.2",
"product_id": "CSAFPID-1436912"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003c18.3",
"product": {
"name": "vers:unknown/\u003c18.3",
"product_id": "CSAFPID-1904380"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003c18.3.1",
"product": {
"name": "vers:unknown/\u003c18.3.1",
"product_id": "CSAFPID-2177846"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003c18.3.2",
"product": {
"name": "vers:unknown/\u003c18.3.2",
"product_id": "CSAFPID-2469033"
}
},
{
"category": "product_version_range",
"name": "vers:apple/15.8.4",
"product": {
"name": "vers:apple/15.8.4",
"product_id": "CSAFPID-2588452"
}
}
],
"category": "product_name",
"name": "iOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/unknown",
"product": {
"name": "vers:unknown/unknown",
"product_id": "CSAFPID-1332226"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/unspecified|\u003c18.2",
"product": {
"name": "vers:unknown/unspecified|\u003c18.2",
"product_id": "CSAFPID-1432291"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/unspecified|\u003c18.3",
"product": {
"name": "vers:unknown/unspecified|\u003c18.3",
"product_id": "CSAFPID-1901367"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/unspecified|\u003c18.4",
"product": {
"name": "vers:unknown/unspecified|\u003c18.4",
"product_id": "CSAFPID-2590080"
}
}
],
"category": "product_name",
"name": "iOS and iPadOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/15.0",
"product": {
"name": "vers:unknown/15.0",
"product_id": "CSAFPID-90190",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.1",
"product": {
"name": "vers:unknown/15.1",
"product_id": "CSAFPID-90119"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.2",
"product": {
"name": "vers:unknown/15.2",
"product_id": "CSAFPID-90182"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.3",
"product": {
"name": "vers:unknown/15.3",
"product_id": "CSAFPID-773820"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.4",
"product": {
"name": "vers:unknown/15.4",
"product_id": "CSAFPID-90174"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.5",
"product": {
"name": "vers:unknown/15.5",
"product_id": "CSAFPID-90216"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.6",
"product": {
"name": "vers:unknown/15.6",
"product_id": "CSAFPID-90200"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.7",
"product": {
"name": "vers:unknown/15.7",
"product_id": "CSAFPID-90232"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.8",
"product": {
"name": "vers:unknown/15.8",
"product_id": "CSAFPID-90303"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/15.8.1",
"product": {
"name": "vers:unknown/15.8.1",
"product_id": "CSAFPID-821264"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.0",
"product": {
"name": "vers:unknown/16.0",
"product_id": "CSAFPID-90255"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.1",
"product": {
"name": "vers:unknown/16.1",
"product_id": "CSAFPID-90236"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.2",
"product": {
"name": "vers:unknown/16.2",
"product_id": "CSAFPID-90241"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.3",
"product": {
"name": "vers:unknown/16.3",
"product_id": "CSAFPID-90305"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.4",
"product": {
"name": "vers:unknown/16.4",
"product_id": "CSAFPID-90301"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.5",
"product": {
"name": "vers:unknown/16.5",
"product_id": "CSAFPID-90297"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.6",
"product": {
"name": "vers:unknown/16.6",
"product_id": "CSAFPID-90295"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/16.7",
"product": {
"name": "vers:unknown/16.7",
"product_id": "CSAFPID-90291"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.0",
"product": {
"name": "vers:unknown/17.0",
"product_id": "CSAFPID-90302",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:iphone_os:17.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.1",
"product": {
"name": "vers:unknown/17.1",
"product_id": "CSAFPID-90306"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.2",
"product": {
"name": "vers:unknown/17.2",
"product_id": "CSAFPID-90307"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.3",
"product": {
"name": "vers:unknown/17.3",
"product_id": "CSAFPID-90308"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.4",
"product": {
"name": "vers:unknown/17.4",
"product_id": "CSAFPID-1077909"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.5",
"product": {
"name": "vers:unknown/17.5",
"product_id": "CSAFPID-1136180"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.6",
"product": {
"name": "vers:unknown/17.6",
"product_id": "CSAFPID-1136554"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7",
"product": {
"name": "vers:unknown/17.7",
"product_id": "CSAFPID-1136185"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/18.0",
"product": {
"name": "vers:unknown/18.0",
"product_id": "CSAFPID-1161343",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:iphone_os:18.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/18.1",
"product": {
"name": "vers:unknown/18.1",
"product_id": "CSAFPID-1443657"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/18.2",
"product": {
"name": "vers:unknown/18.2",
"product_id": "CSAFPID-1906294"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/18.3",
"product": {
"name": "vers:unknown/18.3",
"product_id": "CSAFPID-1987760"
}
}
],
"category": "product_name",
"name": "iPhone OS"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/18.2",
"product": {
"name": "vers:apple/18.2",
"product_id": "CSAFPID-1618595"
}
},
{
"category": "product_version_range",
"name": "vers:apple/18.3",
"product": {
"name": "vers:apple/18.3",
"product_id": "CSAFPID-1915327"
}
}
],
"category": "product_name",
"name": "Iphone Os"
}
],
"category": "product_family",
"name": "Apple"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24217",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24217",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24217.json"
}
],
"title": "CVE-2025-24217"
},
{
"cve": "CVE-2025-24221",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24221",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24221.json"
}
],
"title": "CVE-2025-24221"
},
{
"cve": "CVE-2025-24230",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24230",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24230.json"
}
],
"title": "CVE-2025-24230"
},
{
"cve": "CVE-2025-24237",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24237",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24237.json"
}
],
"title": "CVE-2025-24237"
},
{
"cve": "CVE-2025-24238",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24238",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24238.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-24238"
},
{
"cve": "CVE-2025-24243",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24243",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24243.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-24243"
},
{
"cve": "CVE-2025-24244",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24244",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24244.json"
}
],
"title": "CVE-2025-24244"
},
{
"cve": "CVE-2025-24257",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24257",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24257.json"
}
],
"title": "CVE-2025-24257"
},
{
"cve": "CVE-2025-24264",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24264.json"
}
],
"title": "CVE-2025-24264"
},
{
"cve": "CVE-2025-24283",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24283",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24283.json"
}
],
"title": "CVE-2025-24283"
},
{
"cve": "CVE-2025-27113",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27113",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27113.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2025-30425",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30425",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30425.json"
}
],
"title": "CVE-2025-30425"
},
{
"cve": "CVE-2025-30426",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30426",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30426.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-30426"
},
{
"cve": "CVE-2025-30427",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30427",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30427.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-30427"
},
{
"cve": "CVE-2025-30428",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30428.json"
}
],
"title": "CVE-2025-30428"
},
{
"cve": "CVE-2025-30429",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30429",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30429.json"
}
],
"title": "CVE-2025-30429"
},
{
"cve": "CVE-2025-30430",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30430",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30430.json"
}
],
"title": "CVE-2025-30430"
},
{
"cve": "CVE-2025-30432",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30432",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30432.json"
}
],
"title": "CVE-2025-30432"
},
{
"cve": "CVE-2025-30433",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30433",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30433.json"
}
],
"title": "CVE-2025-30433"
},
{
"cve": "CVE-2025-30434",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30434",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30434.json"
}
],
"title": "CVE-2025-30434"
},
{
"cve": "CVE-2025-30438",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30438",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30438.json"
}
],
"title": "CVE-2025-30438"
},
{
"cve": "CVE-2025-30439",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30439",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30439.json"
}
],
"title": "CVE-2025-30439"
},
{
"cve": "CVE-2025-30447",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30447",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30447.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-30447"
},
{
"cve": "CVE-2025-30454",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30454",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30454.json"
}
],
"title": "CVE-2025-30454"
},
{
"cve": "CVE-2025-30456",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30456",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30456.json"
}
],
"title": "CVE-2025-30456"
},
{
"cve": "CVE-2025-30463",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30463",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30463.json"
}
],
"title": "CVE-2025-30463"
},
{
"cve": "CVE-2025-30465",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30465",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30465.json"
}
],
"title": "CVE-2025-30465"
},
{
"cve": "CVE-2025-30467",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30467",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30467.json"
}
],
"title": "CVE-2025-30467"
},
{
"cve": "CVE-2025-30469",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30469.json"
}
],
"title": "CVE-2025-30469"
},
{
"cve": "CVE-2025-30470",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30470",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30470.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-30470"
},
{
"cve": "CVE-2025-30471",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30471",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30471.json"
}
],
"title": "CVE-2025-30471"
},
{
"cve": "CVE-2025-31182",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31182.json"
}
],
"title": "CVE-2025-31182"
},
{
"cve": "CVE-2025-31183",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31183",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31183.json"
}
],
"title": "CVE-2025-31183"
},
{
"cve": "CVE-2025-31184",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31184.json"
}
],
"title": "CVE-2025-31184"
},
{
"cve": "CVE-2025-31191",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31191",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31191.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-31191"
},
{
"cve": "CVE-2025-31192",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31192",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31192.json"
}
],
"title": "CVE-2025-31192"
},
{
"cve": "CVE-2024-9681",
"cwe": {
"id": "CWE-1025",
"name": "Comparison Using Wrong Factors"
},
"notes": [
{
"category": "other",
"text": "Comparison Using Wrong Factors",
"title": "CWE-1025"
},
{
"category": "other",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9681",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9681.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2024-9681"
},
{
"cve": "CVE-2024-48958",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-48958",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-48958.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2024-48958"
},
{
"cve": "CVE-2024-54502",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54502",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54502.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2024-54502"
},
{
"cve": "CVE-2024-54508",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54508",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54508.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2024-54508"
},
{
"cve": "CVE-2024-54534",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54534",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54534.json"
}
],
"title": "CVE-2024-54534"
},
{
"cve": "CVE-2024-54543",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54543",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54543.json"
}
],
"title": "CVE-2024-54543"
},
{
"cve": "CVE-2024-56171",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56171",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56171.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2024-56171"
},
{
"cve": "CVE-2025-24085",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24085",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24085.json"
}
],
"title": "CVE-2025-24085"
},
{
"cve": "CVE-2025-24095",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24095",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24095.json"
}
],
"title": "CVE-2025-24095"
},
{
"cve": "CVE-2025-24097",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24097",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24097.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-24097"
},
{
"cve": "CVE-2025-24113",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24113",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24113.json"
}
],
"title": "CVE-2025-24113"
},
{
"cve": "CVE-2025-24163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24163",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-24163"
},
{
"cve": "CVE-2025-24167",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24167",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24167.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-24167"
},
{
"cve": "CVE-2025-24173",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24173",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24173.json"
}
],
"title": "CVE-2025-24173"
},
{
"cve": "CVE-2025-24178",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24178.json"
}
],
"title": "CVE-2025-24178"
},
{
"cve": "CVE-2025-24180",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24180",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24180.json"
}
],
"title": "CVE-2025-24180"
},
{
"cve": "CVE-2025-24182",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24182.json"
}
],
"title": "CVE-2025-24182"
},
{
"cve": "CVE-2025-24190",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24190",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24190.json"
}
],
"title": "CVE-2025-24190"
},
{
"cve": "CVE-2025-24192",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24192",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24192.json"
}
],
"title": "CVE-2025-24192"
},
{
"cve": "CVE-2025-24193",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24193",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24193.json"
}
],
"title": "CVE-2025-24193"
},
{
"cve": "CVE-2025-24194",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24194",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24194.json"
}
],
"title": "CVE-2025-24194"
},
{
"cve": "CVE-2025-24198",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24198",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24198.json"
}
],
"title": "CVE-2025-24198"
},
{
"cve": "CVE-2025-24200",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24200",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24200.json"
}
],
"title": "CVE-2025-24200"
},
{
"cve": "CVE-2025-24201",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
}
],
"title": "CVE-2025-24201"
},
{
"cve": "CVE-2025-24202",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24202",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24202.json"
}
],
"title": "CVE-2025-24202"
},
{
"cve": "CVE-2025-24203",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24203",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24203.json"
}
],
"title": "CVE-2025-24203"
},
{
"cve": "CVE-2025-24205",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24205",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24205.json"
}
],
"title": "CVE-2025-24205"
},
{
"cve": "CVE-2025-24208",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24208",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24208.json"
}
],
"title": "CVE-2025-24208"
},
{
"cve": "CVE-2025-24209",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24209",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24209.json"
}
],
"title": "CVE-2025-24209"
},
{
"cve": "CVE-2025-24210",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24210",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24210.json"
}
],
"title": "CVE-2025-24210"
},
{
"cve": "CVE-2025-24211",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24211.json"
}
],
"title": "CVE-2025-24211"
},
{
"cve": "CVE-2025-24212",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24212",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24212.json"
}
],
"title": "CVE-2025-24212"
},
{
"cve": "CVE-2025-24213",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24213",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24213.json"
}
],
"title": "CVE-2025-24213"
},
{
"cve": "CVE-2025-24214",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24214",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24214.json"
}
],
"title": "CVE-2025-24214"
},
{
"cve": "CVE-2025-24215",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24215",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24215.json"
}
],
"title": "CVE-2025-24215"
},
{
"cve": "CVE-2025-24216",
"product_status": {
"known_affected": [
"CSAFPID-2588450",
"CSAFPID-1432307",
"CSAFPID-1902947",
"CSAFPID-2462478",
"CSAFPID-2588454",
"CSAFPID-1436912",
"CSAFPID-1904380",
"CSAFPID-2177846",
"CSAFPID-2469033",
"CSAFPID-1332226",
"CSAFPID-1432291",
"CSAFPID-1901367",
"CSAFPID-2590080",
"CSAFPID-2588452",
"CSAFPID-90190",
"CSAFPID-90119",
"CSAFPID-90182",
"CSAFPID-773820",
"CSAFPID-90174",
"CSAFPID-90216",
"CSAFPID-90200",
"CSAFPID-90232",
"CSAFPID-90303",
"CSAFPID-821264",
"CSAFPID-90255",
"CSAFPID-90236",
"CSAFPID-90241",
"CSAFPID-90305",
"CSAFPID-90301",
"CSAFPID-90297",
"CSAFPID-90295",
"CSAFPID-90291",
"CSAFPID-90302",
"CSAFPID-90306",
"CSAFPID-90307",
"CSAFPID-90308",
"CSAFPID-1077909",
"CSAFPID-1136180",
"CSAFPID-1136554",
"CSAFPID-1136185",
"CSAFPID-1618595",
"CSAFPID-1915327",
"CSAFPID-1161343",
"CSAFPID-1443657",
"CSAFPID-1906294",
"CSAFPID-1987760"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24216",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24216.json"
}
],
"title": "CVE-2025-24216"
}
]
}
NCSC-2025-0046
Vulnerability from csaf_ncscnl - Published: 2025-02-11 09:54 - Updated: 2025-02-11 09:54Summary
Kwetsbaarheid verholpen in Apple iOS en iPadOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apple heeft een kwetsbaarheid verholpen in iOS en iPadOS.
Interpretaties
Een kwaadwillende met fysieke toegang tot het kwetsbare device kan de kwetsbaarheid misbruiken om USB restricties te omzeilen, ook als het systeem locked is. Hiermee kan de kwaadwillende willekeurige software installeren op het device. Succesvol misbruik is niet eenvoudig en vereist dus dat de kwaadwillende het kwetsbare device in handen heeft.
Apple meldt dat deze kwetsbaarheid beperkt en zeer gericht actief is misbruikt.
Oplossingen
Apple heeft updates uitgebracht om de kwetsbaarheid te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
low
Schade
high
CWE-1299
Missing Protection Mechanism for Alternate Hardware Interface
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Apple heeft een kwetsbaarheid verholpen in iOS en iPadOS.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende met fysieke toegang tot het kwetsbare device kan de kwetsbaarheid misbruiken om USB restricties te omzeilen, ook als het systeem locked is. Hiermee kan de kwaadwillende willekeurige software installeren op het device. Succesvol misbruik is niet eenvoudig en vereist dus dat de kwaadwillende het kwetsbare device in handen heeft.\n\nApple meldt dat deze kwetsbaarheid beperkt en zeer gericht actief is misbruikt.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Apple heeft updates uitgebracht om de kwetsbaarheid te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "low",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Missing Protection Mechanism for Alternate Hardware Interface",
"title": "CWE-1299"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - apple",
"url": "https://support.apple.com/en-us/122173"
},
{
"category": "external",
"summary": "Source - apple",
"url": "https://support.apple.com/en-us/122174"
}
],
"title": "Kwetsbaarheid verholpen in Apple iOS en iPadOS",
"tracking": {
"current_release_date": "2025-02-11T09:54:03.266145Z",
"id": "NCSC-2025-0046",
"initial_release_date": "2025-02-11T09:54:03.266145Z",
"revision_history": [
{
"date": "2025-02-11T09:54:03.266145Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "ios",
"product": {
"name": "ios",
"product_id": "CSAFPID-548768",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:ios:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ios_and_ipados",
"product": {
"name": "ios_and_ipados",
"product_id": "CSAFPID-551327",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:ios_and_ipados:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ipados",
"product": {
"name": "ipados",
"product_id": "CSAFPID-1691048",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:ipados:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ipad_os",
"product": {
"name": "ipad_os",
"product_id": "CSAFPID-1725585",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:ipad_os:18.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ipad_os",
"product": {
"name": "ipad_os",
"product_id": "CSAFPID-1760694",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:ipad_os:18.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ipados",
"product": {
"name": "ipados",
"product_id": "CSAFPID-631673",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ipados",
"product": {
"name": "ipados",
"product_id": "CSAFPID-1760695",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:ipados:17.7.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "ipados",
"product": {
"name": "ipados",
"product_id": "CSAFPID-1643900",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:ipados:17.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "iphone_os",
"product": {
"name": "iphone_os",
"product_id": "CSAFPID-1662011",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "iphone_os",
"product": {
"name": "iphone_os",
"product_id": "CSAFPID-1760696",
"product_identification_helper": {
"cpe": "cpe:2.3:o:apple:iphone_os:18.3.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24200",
"product_status": {
"known_affected": [
"CSAFPID-548768",
"CSAFPID-551327",
"CSAFPID-1691048",
"CSAFPID-1725585",
"CSAFPID-1760694",
"CSAFPID-631673",
"CSAFPID-1760695",
"CSAFPID-1643900",
"CSAFPID-1662011",
"CSAFPID-1760696"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24200",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24200.json"
}
],
"title": "CVE-2025-24200"
}
]
}
CERTFR-2025-AVI-0110
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Apple indique que la vulnérabilité CVE-2025-24200 est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.3.1",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.5",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.3.1",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-24200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24200"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0110",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2025-24200 est activement exploit\u00e9e.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122174",
"url": "https://support.apple.com/en-us/122174"
},
{
"published_at": "2025-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122173",
"url": "https://support.apple.com/en-us/122173"
}
]
}
CERTFR-2025-AVI-0258
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Apple indique que les vulnérabilités CVE-2025-24200 et CVE-2025-24201 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | iPadOS | iPadOS versions antérieures à 17.7.6 | ||
| Apple | iOS | iOS versions antérieures à 18.4 | ||
| Apple | N/A | Xcode versions antérieures à 16.3 | ||
| Apple | iOS | iOS versions antérieures à 16.7.11 | ||
| Apple | visionOS | visionOS versions antérieures à 2.4 | ||
| Apple | macOS | macOS Ventura versions antérieures à 13.7.5 | ||
| Apple | tvOS | tvOS versions antérieures à 18.4 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.4 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.7.5 | ||
| Apple | iPadOS | iPadOS versions antérieures à 18.4 | ||
| Apple | iOS | iOS versions antérieures à 15.8.4 | ||
| Apple | iPadOS | iPadOS versions antérieures à 16.7.11 | ||
| Apple | iPadOS | iPadOS versions antérieures à 15.8.4 | ||
| Apple | Safari | Safari versions antérieures à 18.4 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.6",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 16.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 16.7.11",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 2.4",
"product": {
"name": "visionOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "tvOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 15.8.4",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 16.7.11",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 15.8.4",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-24206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24206"
},
{
"name": "CVE-2024-54508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54508"
},
{
"name": "CVE-2025-24205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24205"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2025-24266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24266"
},
{
"name": "CVE-2024-54502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54502"
},
{
"name": "CVE-2025-24273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24273"
},
{
"name": "CVE-2025-30425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30425"
},
{
"name": "CVE-2025-24200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24200"
},
{
"name": "CVE-2025-24228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24228"
},
{
"name": "CVE-2025-24210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24210"
},
{
"name": "CVE-2025-24265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24265"
},
{
"name": "CVE-2025-24260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24260"
},
{
"name": "CVE-2025-24249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24249"
},
{
"name": "CVE-2025-30455",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30455"
},
{
"name": "CVE-2025-30471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30471"
},
{
"name": "CVE-2025-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30465"
},
{
"name": "CVE-2025-24253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24253"
},
{
"name": "CVE-2025-30447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30447"
},
{
"name": "CVE-2025-30445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30445"
},
{
"name": "CVE-2025-24207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24207"
},
{
"name": "CVE-2025-24240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24240"
},
{
"name": "CVE-2025-24229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24229"
},
{
"name": "CVE-2025-24246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24246"
},
{
"name": "CVE-2025-24182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24182"
},
{
"name": "CVE-2025-24279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24279"
},
{
"name": "CVE-2025-24271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24271"
},
{
"name": "CVE-2025-30469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30469"
},
{
"name": "CVE-2025-24178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24178"
},
{
"name": "CVE-2025-30463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30463"
},
{
"name": "CVE-2025-30457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30457"
},
{
"name": "CVE-2025-24126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24126"
},
{
"name": "CVE-2025-24204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24204"
},
{
"name": "CVE-2025-24216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24216"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-30462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30462"
},
{
"name": "CVE-2025-30467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30467"
},
{
"name": "CVE-2025-24262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24262"
},
{
"name": "CVE-2025-24270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24270"
},
{
"name": "CVE-2025-24194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24194"
},
{
"name": "CVE-2025-24267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24267"
},
{
"name": "CVE-2025-24235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24235"
},
{
"name": "CVE-2025-24193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24193"
},
{
"name": "CVE-2025-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24281"
},
{
"name": "CVE-2025-24221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24221"
},
{
"name": "CVE-2025-24257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24257"
},
{
"name": "CVE-2025-31187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31187"
},
{
"name": "CVE-2025-30449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30449"
},
{
"name": "CVE-2025-24263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24263"
},
{
"name": "CVE-2025-24191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24191"
},
{
"name": "CVE-2025-30464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30464"
},
{
"name": "CVE-2025-30429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30429"
},
{
"name": "CVE-2025-24280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24280"
},
{
"name": "CVE-2025-30452",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30452"
},
{
"name": "CVE-2025-24085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24085"
},
{
"name": "CVE-2025-24203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24203"
},
{
"name": "CVE-2025-24247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24247"
},
{
"name": "CVE-2025-24211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24211"
},
{
"name": "CVE-2025-24198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24198"
},
{
"name": "CVE-2025-24131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24131"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-24164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24164"
},
{
"name": "CVE-2025-24255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24255"
},
{
"name": "CVE-2025-24283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24283"
},
{
"name": "CVE-2024-48958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48958"
},
{
"name": "CVE-2025-24170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24170"
},
{
"name": "CVE-2025-24093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24093"
},
{
"name": "CVE-2025-24173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24173"
},
{
"name": "CVE-2025-24218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24218"
},
{
"name": "CVE-2025-24097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24097"
},
{
"name": "CVE-2025-30435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30435"
},
{
"name": "CVE-2024-40864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40864"
},
{
"name": "CVE-2025-24157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24157"
},
{
"name": "CVE-2025-24278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24278"
},
{
"name": "CVE-2025-24264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24264"
},
{
"name": "CVE-2025-24172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24172"
},
{
"name": "CVE-2025-30451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30451"
},
{
"name": "CVE-2025-24212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24212"
},
{
"name": "CVE-2025-24252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24252"
},
{
"name": "CVE-2025-24199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24199"
},
{
"name": "CVE-2025-24239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24239"
},
{
"name": "CVE-2025-24139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24139"
},
{
"name": "CVE-2025-24237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24237"
},
{
"name": "CVE-2025-24254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24254"
},
{
"name": "CVE-2025-24226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24226"
},
{
"name": "CVE-2025-24238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24238"
},
{
"name": "CVE-2025-30450",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30450"
},
{
"name": "CVE-2025-24192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24192"
},
{
"name": "CVE-2025-24236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24236"
},
{
"name": "CVE-2025-24167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24167"
},
{
"name": "CVE-2025-24232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24232"
},
{
"name": "CVE-2025-31194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31194"
},
{
"name": "CVE-2025-30458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30458"
},
{
"name": "CVE-2025-24261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24261"
},
{
"name": "CVE-2025-30424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30424"
},
{
"name": "CVE-2025-30430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30430"
},
{
"name": "CVE-2025-30444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30444"
},
{
"name": "CVE-2025-24282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24282"
},
{
"name": "CVE-2025-24256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24256"
},
{
"name": "CVE-2025-24259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24259"
},
{
"name": "CVE-2025-24181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24181"
},
{
"name": "CVE-2025-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31197"
},
{
"name": "CVE-2025-24233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24233"
},
{
"name": "CVE-2025-24241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24241"
},
{
"name": "CVE-2025-24215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24215"
},
{
"name": "CVE-2025-24214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24214"
},
{
"name": "CVE-2025-30439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30439"
},
{
"name": "CVE-2025-24113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24113"
},
{
"name": "CVE-2025-30460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30460"
},
{
"name": "CVE-2025-30434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30434"
},
{
"name": "CVE-2025-31192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31192"
},
{
"name": "CVE-2025-30428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30428"
},
{
"name": "CVE-2025-24196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24196"
},
{
"name": "CVE-2025-24242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24242"
},
{
"name": "CVE-2025-30438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30438"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2025-30437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30437"
},
{
"name": "CVE-2025-30432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30432"
},
{
"name": "CVE-2024-54533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54533"
},
{
"name": "CVE-2025-24129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24129"
},
{
"name": "CVE-2025-24217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24217"
},
{
"name": "CVE-2025-24272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24272"
},
{
"name": "CVE-2025-24213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24213"
},
{
"name": "CVE-2025-24095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24095"
},
{
"name": "CVE-2025-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30456"
},
{
"name": "CVE-2025-24209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24209"
},
{
"name": "CVE-2025-24276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24276"
},
{
"name": "CVE-2025-24179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24179"
},
{
"name": "CVE-2025-24208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24208"
},
{
"name": "CVE-2025-24190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24190"
},
{
"name": "CVE-2025-30441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30441"
},
{
"name": "CVE-2025-24248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24248"
},
{
"name": "CVE-2025-24243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24243"
},
{
"name": "CVE-2025-31191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31191"
},
{
"name": "CVE-2025-31184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31184"
},
{
"name": "CVE-2025-24245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24245"
},
{
"name": "CVE-2025-30470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30470"
},
{
"name": "CVE-2025-31182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31182"
},
{
"name": "CVE-2025-24251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24251"
},
{
"name": "CVE-2025-24195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24195"
},
{
"name": "CVE-2024-54543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54543"
},
{
"name": "CVE-2025-24250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24250"
},
{
"name": "CVE-2025-24234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24234"
},
{
"name": "CVE-2025-24180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24180"
},
{
"name": "CVE-2025-24177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24177"
},
{
"name": "CVE-2025-30454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30454"
},
{
"name": "CVE-2025-30461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30461"
},
{
"name": "CVE-2025-24244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24244"
},
{
"name": "CVE-2025-24230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24230"
},
{
"name": "CVE-2025-24148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24148"
},
{
"name": "CVE-2025-24163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24163"
},
{
"name": "CVE-2025-24231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24231"
},
{
"name": "CVE-2025-24277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24277"
},
{
"name": "CVE-2025-24269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24269"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2025-24201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24201"
},
{
"name": "CVE-2025-31188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31188"
},
{
"name": "CVE-2025-24202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24202"
},
{
"name": "CVE-2025-30446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30446"
},
{
"name": "CVE-2025-30433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30433"
},
{
"name": "CVE-2025-30443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30443"
},
{
"name": "CVE-2025-30426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30426"
},
{
"name": "CVE-2025-30427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30427"
},
{
"name": "CVE-2025-31183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31183"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0258",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-01T00:00:00.000000"
},
{
"description": "Ajout de multiples identifiants CVE.",
"revision_date": "2025-04-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nApple indique que les vuln\u00e9rabilit\u00e9s CVE-2025-24200 et CVE-2025-24201 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122378",
"url": "https://support.apple.com/en-us/122378"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122371",
"url": "https://support.apple.com/en-us/122371"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122380",
"url": "https://support.apple.com/en-us/122380"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122379",
"url": "https://support.apple.com/en-us/122379"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122345",
"url": "https://support.apple.com/en-us/122345"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122373",
"url": "https://support.apple.com/en-us/122373"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122372",
"url": "https://support.apple.com/en-us/122372"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122377",
"url": "https://support.apple.com/en-us/122377"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122346",
"url": "https://support.apple.com/en-us/122346"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122374",
"url": "https://support.apple.com/en-us/122374"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122375",
"url": "https://support.apple.com/en-us/122375"
}
]
}
CERTFR-2025-AVI-0258
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Apple indique que les vulnérabilités CVE-2025-24200 et CVE-2025-24201 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | iPadOS | iPadOS versions antérieures à 17.7.6 | ||
| Apple | iOS | iOS versions antérieures à 18.4 | ||
| Apple | N/A | Xcode versions antérieures à 16.3 | ||
| Apple | iOS | iOS versions antérieures à 16.7.11 | ||
| Apple | visionOS | visionOS versions antérieures à 2.4 | ||
| Apple | macOS | macOS Ventura versions antérieures à 13.7.5 | ||
| Apple | tvOS | tvOS versions antérieures à 18.4 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.4 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.7.5 | ||
| Apple | iPadOS | iPadOS versions antérieures à 18.4 | ||
| Apple | iOS | iOS versions antérieures à 15.8.4 | ||
| Apple | iPadOS | iPadOS versions antérieures à 16.7.11 | ||
| Apple | iPadOS | iPadOS versions antérieures à 15.8.4 | ||
| Apple | Safari | Safari versions antérieures à 18.4 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.6",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 16.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 16.7.11",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 2.4",
"product": {
"name": "visionOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "tvOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 15.8.4",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 16.7.11",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 15.8.4",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 18.4",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-24206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24206"
},
{
"name": "CVE-2024-54508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54508"
},
{
"name": "CVE-2025-24205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24205"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2025-24266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24266"
},
{
"name": "CVE-2024-54502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54502"
},
{
"name": "CVE-2025-24273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24273"
},
{
"name": "CVE-2025-30425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30425"
},
{
"name": "CVE-2025-24200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24200"
},
{
"name": "CVE-2025-24228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24228"
},
{
"name": "CVE-2025-24210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24210"
},
{
"name": "CVE-2025-24265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24265"
},
{
"name": "CVE-2025-24260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24260"
},
{
"name": "CVE-2025-24249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24249"
},
{
"name": "CVE-2025-30455",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30455"
},
{
"name": "CVE-2025-30471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30471"
},
{
"name": "CVE-2025-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30465"
},
{
"name": "CVE-2025-24253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24253"
},
{
"name": "CVE-2025-30447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30447"
},
{
"name": "CVE-2025-30445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30445"
},
{
"name": "CVE-2025-24207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24207"
},
{
"name": "CVE-2025-24240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24240"
},
{
"name": "CVE-2025-24229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24229"
},
{
"name": "CVE-2025-24246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24246"
},
{
"name": "CVE-2025-24182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24182"
},
{
"name": "CVE-2025-24279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24279"
},
{
"name": "CVE-2025-24271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24271"
},
{
"name": "CVE-2025-30469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30469"
},
{
"name": "CVE-2025-24178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24178"
},
{
"name": "CVE-2025-30463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30463"
},
{
"name": "CVE-2025-30457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30457"
},
{
"name": "CVE-2025-24126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24126"
},
{
"name": "CVE-2025-24204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24204"
},
{
"name": "CVE-2025-24216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24216"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-30462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30462"
},
{
"name": "CVE-2025-30467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30467"
},
{
"name": "CVE-2025-24262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24262"
},
{
"name": "CVE-2025-24270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24270"
},
{
"name": "CVE-2025-24194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24194"
},
{
"name": "CVE-2025-24267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24267"
},
{
"name": "CVE-2025-24235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24235"
},
{
"name": "CVE-2025-24193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24193"
},
{
"name": "CVE-2025-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24281"
},
{
"name": "CVE-2025-24221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24221"
},
{
"name": "CVE-2025-24257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24257"
},
{
"name": "CVE-2025-31187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31187"
},
{
"name": "CVE-2025-30449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30449"
},
{
"name": "CVE-2025-24263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24263"
},
{
"name": "CVE-2025-24191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24191"
},
{
"name": "CVE-2025-30464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30464"
},
{
"name": "CVE-2025-30429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30429"
},
{
"name": "CVE-2025-24280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24280"
},
{
"name": "CVE-2025-30452",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30452"
},
{
"name": "CVE-2025-24085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24085"
},
{
"name": "CVE-2025-24203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24203"
},
{
"name": "CVE-2025-24247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24247"
},
{
"name": "CVE-2025-24211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24211"
},
{
"name": "CVE-2025-24198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24198"
},
{
"name": "CVE-2025-24131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24131"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-24164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24164"
},
{
"name": "CVE-2025-24255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24255"
},
{
"name": "CVE-2025-24283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24283"
},
{
"name": "CVE-2024-48958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48958"
},
{
"name": "CVE-2025-24170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24170"
},
{
"name": "CVE-2025-24093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24093"
},
{
"name": "CVE-2025-24173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24173"
},
{
"name": "CVE-2025-24218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24218"
},
{
"name": "CVE-2025-24097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24097"
},
{
"name": "CVE-2025-30435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30435"
},
{
"name": "CVE-2024-40864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40864"
},
{
"name": "CVE-2025-24157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24157"
},
{
"name": "CVE-2025-24278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24278"
},
{
"name": "CVE-2025-24264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24264"
},
{
"name": "CVE-2025-24172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24172"
},
{
"name": "CVE-2025-30451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30451"
},
{
"name": "CVE-2025-24212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24212"
},
{
"name": "CVE-2025-24252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24252"
},
{
"name": "CVE-2025-24199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24199"
},
{
"name": "CVE-2025-24239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24239"
},
{
"name": "CVE-2025-24139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24139"
},
{
"name": "CVE-2025-24237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24237"
},
{
"name": "CVE-2025-24254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24254"
},
{
"name": "CVE-2025-24226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24226"
},
{
"name": "CVE-2025-24238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24238"
},
{
"name": "CVE-2025-30450",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30450"
},
{
"name": "CVE-2025-24192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24192"
},
{
"name": "CVE-2025-24236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24236"
},
{
"name": "CVE-2025-24167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24167"
},
{
"name": "CVE-2025-24232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24232"
},
{
"name": "CVE-2025-31194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31194"
},
{
"name": "CVE-2025-30458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30458"
},
{
"name": "CVE-2025-24261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24261"
},
{
"name": "CVE-2025-30424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30424"
},
{
"name": "CVE-2025-30430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30430"
},
{
"name": "CVE-2025-30444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30444"
},
{
"name": "CVE-2025-24282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24282"
},
{
"name": "CVE-2025-24256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24256"
},
{
"name": "CVE-2025-24259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24259"
},
{
"name": "CVE-2025-24181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24181"
},
{
"name": "CVE-2025-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31197"
},
{
"name": "CVE-2025-24233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24233"
},
{
"name": "CVE-2025-24241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24241"
},
{
"name": "CVE-2025-24215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24215"
},
{
"name": "CVE-2025-24214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24214"
},
{
"name": "CVE-2025-30439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30439"
},
{
"name": "CVE-2025-24113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24113"
},
{
"name": "CVE-2025-30460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30460"
},
{
"name": "CVE-2025-30434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30434"
},
{
"name": "CVE-2025-31192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31192"
},
{
"name": "CVE-2025-30428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30428"
},
{
"name": "CVE-2025-24196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24196"
},
{
"name": "CVE-2025-24242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24242"
},
{
"name": "CVE-2025-30438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30438"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2025-30437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30437"
},
{
"name": "CVE-2025-30432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30432"
},
{
"name": "CVE-2024-54533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54533"
},
{
"name": "CVE-2025-24129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24129"
},
{
"name": "CVE-2025-24217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24217"
},
{
"name": "CVE-2025-24272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24272"
},
{
"name": "CVE-2025-24213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24213"
},
{
"name": "CVE-2025-24095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24095"
},
{
"name": "CVE-2025-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30456"
},
{
"name": "CVE-2025-24209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24209"
},
{
"name": "CVE-2025-24276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24276"
},
{
"name": "CVE-2025-24179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24179"
},
{
"name": "CVE-2025-24208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24208"
},
{
"name": "CVE-2025-24190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24190"
},
{
"name": "CVE-2025-30441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30441"
},
{
"name": "CVE-2025-24248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24248"
},
{
"name": "CVE-2025-24243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24243"
},
{
"name": "CVE-2025-31191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31191"
},
{
"name": "CVE-2025-31184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31184"
},
{
"name": "CVE-2025-24245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24245"
},
{
"name": "CVE-2025-30470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30470"
},
{
"name": "CVE-2025-31182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31182"
},
{
"name": "CVE-2025-24251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24251"
},
{
"name": "CVE-2025-24195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24195"
},
{
"name": "CVE-2024-54543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54543"
},
{
"name": "CVE-2025-24250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24250"
},
{
"name": "CVE-2025-24234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24234"
},
{
"name": "CVE-2025-24180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24180"
},
{
"name": "CVE-2025-24177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24177"
},
{
"name": "CVE-2025-30454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30454"
},
{
"name": "CVE-2025-30461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30461"
},
{
"name": "CVE-2025-24244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24244"
},
{
"name": "CVE-2025-24230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24230"
},
{
"name": "CVE-2025-24148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24148"
},
{
"name": "CVE-2025-24163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24163"
},
{
"name": "CVE-2025-24231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24231"
},
{
"name": "CVE-2025-24277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24277"
},
{
"name": "CVE-2025-24269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24269"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2025-24201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24201"
},
{
"name": "CVE-2025-31188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31188"
},
{
"name": "CVE-2025-24202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24202"
},
{
"name": "CVE-2025-30446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30446"
},
{
"name": "CVE-2025-30433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30433"
},
{
"name": "CVE-2025-30443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30443"
},
{
"name": "CVE-2025-30426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30426"
},
{
"name": "CVE-2025-30427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30427"
},
{
"name": "CVE-2025-31183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31183"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0258",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-01T00:00:00.000000"
},
{
"description": "Ajout de multiples identifiants CVE.",
"revision_date": "2025-04-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nApple indique que les vuln\u00e9rabilit\u00e9s CVE-2025-24200 et CVE-2025-24201 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122378",
"url": "https://support.apple.com/en-us/122378"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122371",
"url": "https://support.apple.com/en-us/122371"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122380",
"url": "https://support.apple.com/en-us/122380"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122379",
"url": "https://support.apple.com/en-us/122379"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122345",
"url": "https://support.apple.com/en-us/122345"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122373",
"url": "https://support.apple.com/en-us/122373"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122372",
"url": "https://support.apple.com/en-us/122372"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122377",
"url": "https://support.apple.com/en-us/122377"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122346",
"url": "https://support.apple.com/en-us/122346"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122374",
"url": "https://support.apple.com/en-us/122374"
},
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122375",
"url": "https://support.apple.com/en-us/122375"
}
]
}
CERTFR-2025-AVI-0110
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Apple indique que la vulnérabilité CVE-2025-24200 est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.3.1",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.5",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.3.1",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-24200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24200"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0110",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2025-24200 est activement exploit\u00e9e.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122174",
"url": "https://support.apple.com/en-us/122174"
},
{
"published_at": "2025-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 122173",
"url": "https://support.apple.com/en-us/122173"
}
]
}
FKIE_CVE-2025-24200
Vulnerability from fkie_nvd - Published: 2025-02-10 19:15 - Updated: 2025-11-04 15:23
Severity ?
6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
References
| URL | Tags | ||
|---|---|---|---|
| product-security@apple.com | https://support.apple.com/en-us/122173 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/122174 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2025/Apr/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2025/Feb/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2025/Feb/8 | Mailing List, Third Party Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200 | US Government Resource |
{
"cisaActionDue": "2025-03-05",
"cisaExploitAdd": "2025-02-12",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Apple iOS and iPadOS Incorrect Authorization Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "307F4698-5786-4CA5-98A8-E3AAF1E7A09D",
"versionEndExcluding": "15.8.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E5F39B-44E2-4B72-8FC3-B5224F0E26F3",
"versionEndExcluding": "17.7.5",
"versionStartIncluding": "16.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A77F4D69-3C11-4074-A7E6-C85767F026EF",
"versionEndExcluding": "18.3.1",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A92F23-F3AF-4365-B405-70AFC1D9ECB3",
"versionEndExcluding": "15.8.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81B77B4A-A57B-43BC-B404-E3E75F80A3A3",
"versionEndExcluding": "18.3.1",
"versionStartIncluding": "16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de autorizaci\u00f3n con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en iPadOS 17.7.5, iOS 18.3.1 y iPadOS 18.3.1. Un ataque f\u00edsico puede desactivar el modo restringido de USB en un dispositivo bloqueado. Apple tiene conocimiento de un informe que indica que este problema puede haber sido explotado en un ataque extremadamente sofisticado contra individuos espec\u00edficos. "
}
],
"id": "CVE-2025-24200",
"lastModified": "2025-11-04T15:23:42.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-10T19:15:40.107",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/122173"
},
{
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/122174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2025/Apr/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2025/Feb/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2025/Feb/8"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24200"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
WID-SEC-W-2025-0305
Vulnerability from csaf_certbund - Published: 2025-02-10 23:00 - Updated: 2025-03-31 22:00Summary
Apple iOS: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Das Apple iOS (vormals iPhone OS) ist das Betriebssystem für das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.
Das Apple iPadOS ist das Betriebssystem für das von Apple entwickelte iPad.
Angriff
Ein Angreifer mit physischem Zugriff kann eine Schwachstelle in Apple iOS und Apple iPadOS ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- iPhoneOS
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Apple iOS (vormals iPhone OS) ist das Betriebssystem f\u00fcr das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.\r\nDas Apple iPadOS ist das Betriebssystem f\u00fcr das von Apple entwickelte iPad.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer mit physischem Zugriff kann eine Schwachstelle in Apple iOS und Apple iPadOS ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- iPhoneOS",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0305 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0305.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0305 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0305"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2025-02-10",
"url": "https://support.apple.com/en-us/122173"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2025-02-10",
"url": "https://support.apple.com/en-us/122174"
},
{
"category": "external",
"summary": "Apple Security Advisory 122346 vom 2025-03-31",
"url": "https://support.apple.com/en-us/122346"
},
{
"category": "external",
"summary": "Apple Security Advisory 122345 vom 2025-03-31",
"url": "https://support.apple.com/en-us/122345"
}
],
"source_lang": "en-US",
"title": "Apple iOS: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2025-03-31T22:00:00.000+00:00",
"generator": {
"date": "2025-04-01T08:10:18.060+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0305",
"initial_release_date": "2025-02-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-03-31T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Apple aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c18.3.1",
"product": {
"name": "Apple iOS \u003c18.3.1",
"product_id": "T040969"
}
},
{
"category": "product_version",
"name": "18.3.1",
"product": {
"name": "Apple iOS 18.3.1",
"product_id": "T040969-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:iphone_os:18.3.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c16.7.11",
"product": {
"name": "Apple iOS \u003c16.7.11",
"product_id": "T042222"
}
},
{
"category": "product_version",
"name": "16.7.11",
"product": {
"name": "Apple iOS 16.7.11",
"product_id": "T042222-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:iphone_os:16.7.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.8.4",
"product": {
"name": "Apple iOS \u003c15.8.4",
"product_id": "T042224"
}
},
{
"category": "product_version",
"name": "15.8.4",
"product": {
"name": "Apple iOS 15.8.4",
"product_id": "T042224-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:iphone_os:15.8.4"
}
}
}
],
"category": "product_name",
"name": "iOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.8.4",
"product": {
"name": "Apple iPad \u003c15.8.4",
"product_id": "T042225"
}
},
{
"category": "product_version",
"name": "15.8.4",
"product": {
"name": "Apple iPad 15.8.4",
"product_id": "T042225-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:apple:ipad:15.8.4"
}
}
}
],
"category": "product_name",
"name": "iPad"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c18.3.1",
"product": {
"name": "Apple iPadOS \u003c18.3.1",
"product_id": "T040970"
}
},
{
"category": "product_version",
"name": "18.3.1",
"product": {
"name": "Apple iPadOS 18.3.1",
"product_id": "T040970-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:ipados:18.3.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c17.7.5",
"product": {
"name": "Apple iPadOS \u003c17.7.5",
"product_id": "T040971"
}
},
{
"category": "product_version",
"name": "17.7.5",
"product": {
"name": "Apple iPadOS 17.7.5",
"product_id": "T040971-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:ipados:17.7.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c16.7.11",
"product": {
"name": "Apple iPadOS \u003c16.7.11",
"product_id": "T042223"
}
},
{
"category": "product_version",
"name": "16.7.11",
"product": {
"name": "Apple iPadOS 16.7.11",
"product_id": "T042223-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:ipados:16.7.11"
}
}
}
],
"category": "product_name",
"name": "iPadOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24200",
"product_status": {
"known_affected": [
"T042222",
"T042223",
"T042224",
"T040969",
"T042225",
"T040971",
"T040970"
]
},
"release_date": "2025-02-10T23:00:00.000+00:00",
"title": "CVE-2025-24200"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…