BSI Warns of Critical Vulnerabilities in WebKit/Apple, WithSecure Endpoint Protection, and Linux Kernel

The German Federal Office for Information Security (BSI) issued security warnings regarding vulnerabilities in several key systems:

  • WebKit/Apple: A critical vulnerability (CVE-2025-24201) affects iPhoneOS, MacOS X, UNIX, Open Source WebKit, Apple iOS, Apple iPadOS, Apple macOS, and Apple Safari. A remote, anonymous attacker can exploit this to bypass security mechanisms. The CVSS base score is 9.6, classifying it as "critical."

  • WithSecure Endpoint Protection: A medium-risk vulnerability (CVE-2025-26790) impacts Linux and WithSecure Endpoint Protection. A remote, anonymous attacker can trigger a denial-of-service attack. The CVSS base score is 7.5.

  • Linux Kernel: An update addresses a vulnerability (CVE-2023-52922) in the Linux Kernel, affecting Open Source Linux Kernel, Red Hat Enterprise Linux, SUSE Linux, and Oracle Linux. A local attacker can exploit it for a denial-of-service attack. The CVSS base score is 6.6, rated as "medium."

Users are advised to apply the latest updates and security patches.

Read more news on this topic:

Gitea Security Alert: BSI Updates Warning on Multiple Vulnerabilities Allowing Data Manipulation and Denial of Service

Apple Addresses Multiple Vulnerabilities in macOS, iPadOS, and iOS with Critical Security Updates

Apache Commons Vulnerabilities Expose SUSE and openSUSE Systems to Remote Information Disclosure Risks

Did you find an error or inaccuracy?

We will consider your comments as soon as possible.