Full Disclosure mailing list archives

Updated repo location: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201

Working exploit: 
https://www.dropbox.com/scl/fi/ech6wdnpnyscbfiu2o8zh/IMG_1118.png?rlkey=jna5uo6aihs6tfbwtsk8fw7em&st=8c56raq8&dl=0

On Tue, Jun 10, 2025 at 10:48 AM, josephgoyd <[josephgoyd () proton me](mailto:On Tue, Jun 10, 2025 at 10:48 AM, 
josephgoyd <<a href=)> wrote:

"Glass Cage" – Sophisticated Zero-Click iMessage Exploit ChainEnabling Persistent iOS Compromise and Device Bricking

CVE-2025-24085, CVE-2025-24201(CNVD-2025-07885)

Author: Joseph Goydish II
Date: 06/10/2025
Release Type: Full Disclosure
Platform Affected: iOS 18.2 (confirmed zero-day at time of discovery)
Delivery Vector: iMessage (default configuration)
Impact: Remote Code Execution, Privilege Escalation, Keychain Exfiltration,
Persistent Access, Optional Device Bricking

----------------------------------------------------------------------

Summary:

In December 2024, I discovered a previously undocumented zero-click exploit
chain targeting iOS 18.2. The vulnerability chain, dubbed "Glass Cage," enables
an attacker to compromise a device silently by sending a single malicious PNG
image via iMessage.

The exploit bypasses multiple layers of Apple's defenses, including BlastDoor,
WebKit sandboxing, and CoreMedia memory protections. Once triggered, the
payload escalates to kernel-level access, extracts iCloud Keychain data,
alters Wi-Fi proxy settings, establishes persistence, and can optionally
irreversibly brick the device.

This attack chain resulted in the discovery of two CVEs:

- CVE-2025-24085: CoreMedia use-after-free (kernel-level code execution)
Patched by Apple on January 27, 2025

- CVE-2025-24201: WebKit path injection (RCE via asset misresolution)
Patched by Apple on March 11, 2025

Neither CVE was attributed to me, and MITRE did not respond to my direct CVE
requests. I submitted the CoreMedia issue to CNVD, which acknowledged it as
CNVD-2025-07885 and issued certificate CNVD-YCGO-202504012519.

----------------------------------------------------------------------

Technical Summary:

- BlastDoor bypass via malformed HEIF/ASTC metadata
- QuickLook sandbox escape via in-process thumbnail rendering
- CVE-2025-24201: WebKit path injection -> remote code execution
- CVE-2025-24085 (also CNVD-2025-07885): CoreMedia use-after-free -> kernel
execution
- Persistence via unauthorized launchd daemon
- Optional device bricking via IODeviceTree parameter manipulation

----------------------------------------------------------------------

Reproduction:

1. Craft HEIF image with malformed EXIF and ASTC decoder parameters
2. Wrap in WebP container to evade MIME filters
3. Send via iMessage to a default iOS 18.2 device
4. Preview pipeline triggers exploit chain automatically
5. Achieves code execution, kernel escalation, persistence, and optional
bricking

----------------------------------------------------------------------

Impact:

- Full remote device takeover with zero user interaction
- Kernel-level code execution
- iCloud Keychain and secret exfiltration
- Wi-Fi proxy hijack via wifid manipulation
- Persistent launch daemon injection
- Optional device bricking as a cleanup payload
- Forensic evasion through log suppression and timestamp manipulation

----------------------------------------------------------------------

Disclosure Timeline:

- Dec 18, 2024: Discovered in-the-wild on iOS 18.2
Reported to Apple (Report ID: OE19648727267113)
- Dec 19–25, 2024: Multiple follow-ups and log/video submissions to Apple
- Jan 9, 2025: Re-submitted to Apple and reported to US-CERT
- Jan 27, 2025: Apple patches CVE-2025-24085 (CoreMedia use-after-free)
- Mar 11, 2025: Apple patches CVE-2025-24201 (WebKit path injection)
- MITRE did not respond to CVE requests; neither CVE attributed to me
- Apr 2025: CNVD registers CoreMedia UAF as CNVD-2025-07885
- Jun 2025: Full public disclosure due to vendor silence and lack of credit

----------------------------------------------------------------------

Vendor Communication Summary:

Between Dec 18, 2024 and Jan 6, 2025, I maintained active communication with Apple
Product Security. I provided:

- A working exploit and secure download link
- Timestamped logs demonstrating iCloud Keychain and Contacts access
- Syslogs confirming activity from CoreMedia, QuickLook, and locationd
- Video evidence and forensic breakdowns
- Logs verifying access to Contacts, Biome resources, and geolocation data
- Confirmation of BlastDoor sandbox bypass during message preview
- Multiple follow-ups requesting clarification on what was needed for Apple
to begin investigation

Despite these efforts, Apple never confirmed the nature of the zero-day, nor
attributed either CVE to my original submission. MITRE did not respond to my
CVE requests. CNVD independently validated and credited the CoreMedia
discovery as CNVD-2025-07885.

In the absence of vendor attribution, international recognition via CNVD establishes verifiable authorship.
----------------------------------------------------------------------

Certification:

The CoreMedia vulnerability was formally recognized by the China National
Vulnerability Database (CNVD) under the ID CNVD-2025-07885.
Certificate ID: CNVD-YCGO-202504012519
Attached in PDF format for verification.

----------------------------------------------------------------------

Full Technical Disclosure:

[Glass Cage iOS Attack Chain](https://weareapartyof1.substack.com/p/glass-cage-zero-day-imessage-attack)

----------------------------------------------------------------------

Request for Feedback:

If you have additional insights, independent validation, or questions about
any aspect of this disclosure; I welcome peer review, reproduction, and independent validation to strengthen the 
public record this disclosure creates.

----------------------------------------------------------------------
Contact:

Joseph Goydish II
josephgoyd () proton me
https://www.linkedin.com/in/josephg007/

----------------------------------------------------------------------

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread:

• Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) josephgoyd via Fulldisclosure (Oct 02)