CVE-2025-24252 PoC — Apple iOS and Apple iPadOS Security Vulnerability

Source
Associated Vulnerability
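Title: Apple iOS and Apple iPadOS Security Vulnerability (CVE-2025-24252)
Description: Apple iOS and Apple iPadOS are both products of the US company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple iOS versions before 18.4 and Apple iPadOS versions before 18.4 contain a security vulnerability that stems from a use-after-free issue caused by improper memory management, which may corrupt process memory.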
Description
CVE-2025-24252
Readme
# CVE-2025-24252 iOS "Airborne" Vulnerabilities - Log Artifact Extractor 🚨

# Description:

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia `15.4`, tvOS `18.4`, macOS Ventura `13.7.5`, iPadOS `17.7.6`, macOS Sonoma `14.7.5`, iOS `18.4` and iPadOS `18.4`, visionOS `2.4`. An attacker on the local network may be able to corrupt process memory.

# Metrics:

ADP: `CISA-ADP` Base Score: 9.8 CRITICAL ⚫ Vector: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`

# CVE-2025-24252 – mDNS TXT Record Crash Trigger:

This vulnerability affects `AirPlayReceiver` and is triggered via malformed mDNS TXT records.

# Setup on Kali Linux

```
sudo apt update
sudo apt install python3-scapy avahi-daemon -y
sudo systemctl start avahi-daemon
```

# Wi-Fi Adapter Requirement

To run `crashtest_CVE-2025-24252.py` and `chain_exploit.py`, you must use a Wi-Fi adapter that supports monitor mode.

# Before running the scanner or chain exploit, make sure to:

```
sudo ip link set wlan0 down
sudo iwconfig wlan0 mode monitor
sudo ip link set wlan0 up
```

Replace `wlan0` with the name of your adapter.

You must be on the same Wi-Fi network as the target Apple devices.

Monitor mode is required to properly receive multicast mDNS traffic over port 5353.

# Clone the Repo:

```
git clone https://github.com/B1ack4sh/Blackash-CVE-2025-24252.git
cd Blackash-CVE-2025-24252
```

# Configure the PoC:

```
nano CVE-2025-24252.py
```

Set your attacker IP and interface. Then save and exit (`CTRL+X`, then `Y`, then `ENTER`).

# Run the PoC:

```
sudo python3 CVE-2025-24252.py
```

# Monitor Target Behavior:

Use tcpdump or Wireshark to capture traffic on the Apple device’s IP.
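
A structural check that can be run over TXT RDATA pulled from such a capture, as an added example that is not part of this repository's code. The README does not say which malformation triggers the crash, so this only checks the RFC 1035 length-prefixed layout and the RFC 6763 key rules; the function names and sample bytes are constructed for illustration.

```python
# Added example: structural validation of DNS-SD TXT RDATA (RFC 1035 / RFC 6763).
# Not the PoC's code; all sample byte strings below are constructed.

def pack(*entries: bytes) -> bytes:
    """Build TXT RDATA: each entry is one length byte followed by the string."""
    return b"".join(bytes([len(e)]) + e for e in entries)

def check_txt_rdata(rdata: bytes) -> list[str]:
    """Return findings for one TXT record; an empty list means well-formed."""
    if not rdata:
        return ["empty RDATA (a TXT record needs at least one length byte)"]
    findings, seen, pos = [], set(), 0
    while pos < len(rdata):
        length = rdata[pos]
        start, end = pos + 1, pos + 1 + length
        if end > len(rdata):
            findings.append(
                f"offset {pos}: length byte {length} overruns RDATA "
                f"({len(rdata) - start} bytes left)"
            )
            break  # nothing after a bad length byte can be trusted
        entry, pos = rdata[start:end], end
        if not entry:
            continue  # zero-length string is legal and carries no key
        key, _sep, _value = entry.partition(b"=")
        if not key:
            findings.append(f"offset {start}: entry starts with '=' (missing key)")
            continue
        if any(b < 0x20 or b > 0x7E for b in key):
            findings.append(f"offset {start}: key has non-printable bytes {key!r}")
        folded = key.lower()  # RFC 6763 keys are case-insensitive
        if folded in seen:
            findings.append(f"offset {start}: duplicate key {key!r}")
        seen.add(folded)
    return findings

# Constructed samples (not captured traffic, not the PoC's payload).
GOOD = pack(b"name=lab-speaker", b"ver=1")
OVERRUN = b"\x05ab"                    # claims 5 bytes, only 2 follow
DUP = pack(b"a=1", b"A=2")
NOKEY = pack(b"=x")
NONPRINT = pack(b"k\x00y=1")

if __name__ == "__main__":
    for label, sample in [("good", GOOD), ("overrun", OVERRUN), ("dup", DUP),
                          ("nokey", NOKEY), ("nonprint", NONPRINT)]:
        print(label, check_txt_rdata(sample) or "ok")
```

Findings from this check indicate a record worth inspecting by hand; a clean result says nothing about whether a device is patched.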

# Reminder:

`Only test this on your own Apple devices in a safe lab setting.`

# Disclaimer ⚠️

For educational and research purposes only. Use only against systems you own or have permission to test.

File Snapshot

```
[4.0K] /data/pocs/c20e1fbee5e45872c0514f5f014d299808555ee3
├── [1.3K] CVE-2025-24252.py
└── [1.9K] README.md

0 directories, 2 files
```