A critical vulnerability in iOS (CVE-2025-24091) allowed any sandboxed application or widget extension to send low-level Darwin notifications that forced devices into a “Restore in Progress” state, triggering an endless reboot loop. The exploit—just a single line of code—bricked affected iPhones and iPads running versions prior to iOS/iPadOS 18.3, rendering them unusable without a full system restore. The persistent nature of the proof-of-concept attack, implemented in a widget that automatically relaunched on restart, meant devices would immediately reenter the reboot cycle upon each reboot, effectively denying service indefinitely. End users faced downtime, data loss risk if backups were outdated, increased support calls and repair costs, and potential reputational damage for enterprises relying on vulnerable devices. Apple released iOS 18.3 to address the issue with new entitlements on Darwin notifications and awarded a $17,500 bug bounty to the researcher.
Source: https://cybersecuritynews.com/ios-critical-vulnerability-brick-iphones/
TPRM report: https://scoringcyber.rankiteo.com/company/apple
"id": "app720042825",
"linkid": "apple",
"type": "Vulnerability",
"date": "4/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Technology',
'location': 'Global',
'name': 'Apple',
'size': 'Large',
'type': 'Company'}],
'attack_vector': 'Exploit of a vulnerability in iOS',
'description': 'A critical vulnerability in iOS (CVE-2025-24091) allowed any '
'sandboxed application or widget extension to send low-level '
"Darwin notifications that forced devices into a 'Restore in "
"Progress' state, triggering an endless reboot loop. The "
'exploit—just a single line of code—bricked affected iPhones '
'and iPads running versions prior to iOS/iPadOS 18.3, '
'rendering them unusable without a full system restore. The '
'persistent nature of the proof-of-concept attack, implemented '
'in a widget that automatically relaunched on restart, meant '
'devices would immediately reenter the reboot cycle upon each '
'reboot, effectively denying service indefinitely. End users '
'faced downtime, data loss risk if backups were outdated, '
'increased support calls and repair costs, and potential '
'reputational damage for enterprises relying on vulnerable '
'devices. Apple released iOS 18.3 to address the issue with '
'new entitlements on Darwin notifications and awarded a '
'$17,500 bug bounty to the researcher.',
'impact': {'brand_reputation_impact': 'Potential reputational damage for '
'enterprises',
'customer_complaints': 'Increased support calls',
'downtime': 'Indefinite reboot loop',
'operational_impact': 'Increased support calls and repair costs',
'systems_affected': 'iPhones and iPads running versions prior to '
'iOS/iPadOS 18.3'},
'post_incident_analysis': {'corrective_actions': 'Apple released iOS 18.3 '
'with new entitlements on '
'Darwin notifications',
'root_causes': 'Vulnerability in iOS allowing '
'unauthorized Darwin notifications'},
'response': {'remediation_measures': 'Apple released iOS 18.3 to address the '
'issue with new entitlements on Darwin '
'notifications'},
'title': 'iOS Vulnerability CVE-2025-24091 Leads to Endless Reboot Loop',
'type': 'Denial of Service (DoS)',
'vulnerability_exploited': 'CVE-2025-24091'}