CVE-2025-24091 | THREATINT

Description

An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service.

PUBLISHED Reserved 2025-01-17 | Published 2025-04-30 | Updated 2026-04-02 | Assigner apple

Problem types

An app may be able to cause a denial-of-service

Product status

Any version before 18.3

affected

Any version before 17.7.3

affected

References

support.apple.com/en-us/121838

support.apple.com/en-us/122066

cve.org (CVE-2025-24091)

nvd.nist.gov (CVE-2025-24091)

Download JSON