"Glass Cage" – Sophisticated Zero-Click iMessage Exploit ChainEnabling Persistent iOS Compromise and Device Bricking CVE-2025-24085, CVE-2025-24201(CNVD-2025-07885) Author: Joseph Goydish II Date: 06/10/2025 Release Type: Full Disclosure Platform Affected: iOS 18.2 (confirmed zero-day at time of discovery) Delivery Vector: iMessage (default configuration) Impact: Remote Code Execution, Privilege Escalation, Keychain Exfiltration, Persistent Access, Optional Device Bricking ---------------------------------------------------------------------- Summary: In December 2024, I discovered a previously undocumented zero-click exploit chain targeting iOS 18.2. The vulnerability chain, dubbed "Glass Cage," enables an attacker to compromise a device silently by sending a single malicious PNG image via iMessage. The exploit bypasses multiple layers of Apple's defenses, including BlastDoor, WebKit sandboxing, and CoreMedia memory protections. Once triggered, the payload escalates to kernel-level access, extracts iCloud Keychain data, alters Wi-Fi proxy settings, establishes persistence, and can optionally irreversibly brick the device. This attack chain resulted in the discovery of two CVEs: - CVE-2025-24085: CoreMedia use-after-free (kernel-level code execution) Patched by Apple on January 27, 2025 - CVE-2025-24201: WebKit path injection (RCE via asset misresolution) Patched by Apple on March 11, 2025 Neither CVE was attributed to me, and MITRE did not respond to my direct CVE requests. I submitted the CoreMedia issue to CNVD, which acknowledged it as CNVD-2025-07885 and issued certificate CNVD-YCGO-202504012519. ---------------------------------------------------------------------- Technical Summary: - BlastDoor bypass via malformed HEIF/ASTC metadata - QuickLook sandbox escape via in-process thumbnail rendering - CVE-2025-24201: WebKit path injection -> remote code execution - CVE-2025-24085 (also CNVD-2025-07885): CoreMedia use-after-free -> kernel execution - Persistence via unauthorized launchd daemon - Optional device bricking via IODeviceTree parameter manipulation ---------------------------------------------------------------------- Reproduction: 1. Craft HEIF image with malformed EXIF and ASTC decoder parameters 2. Wrap in WebP container to evade MIME filters 3. Send via iMessage to a default iOS 18.2 device 4. Preview pipeline triggers exploit chain automatically 5. Achieves code execution, kernel escalation, persistence, and optional bricking ---------------------------------------------------------------------- Impact: - Full remote device takeover with zero user interaction - Kernel-level code execution - iCloud Keychain and secret exfiltration - Wi-Fi proxy hijack via wifid manipulation - Persistent launch daemon injection - Optional device bricking as a cleanup payload - Forensic evasion through log suppression and timestamp manipulation ---------------------------------------------------------------------- Disclosure Timeline: - Dec 18, 2024: Discovered in-the-wild on iOS 18.2 Reported to Apple (Report ID: OE19648727267113) - Dec 19–25, 2024: Multiple follow-ups and log/video submissions to Apple - Jan 9, 2025: Re-submitted to Apple and reported to US-CERT - Jan 27, 2025: Apple patches CVE-2025-24085 (CoreMedia use-after-free) - Mar 11, 2025: Apple patches CVE-2025-24201 (WebKit path injection) - MITRE did not respond to CVE requests; neither CVE attributed to me - Apr 2025: CNVD registers CoreMedia UAF as CNVD-2025-07885 - Jun 2025: Full public disclosure due to vendor silence and lack of credit ---------------------------------------------------------------------- Vendor Communication Summary: Between Dec 18, 2024 and Jan 6, 2025, I maintained active communication with Apple Product Security. I provided: - A working exploit and secure download link - Timestamped logs demonstrating iCloud Keychain and Contacts access - Syslogs confirming activity from CoreMedia, QuickLook, and locationd - Video evidence and forensic breakdowns - Logs verifying access to Contacts, Biome resources, and geolocation data - Confirmation of BlastDoor sandbox bypass during message preview - Multiple follow-ups requesting clarification on what was needed for Apple to begin investigation Despite these efforts, Apple never confirmed the nature of the zero-day, nor attributed either CVE to my original submission. MITRE did not respond to my CVE requests. CNVD independently validated and credited the CoreMedia discovery as CNVD-2025-07885. In the absence of vendor attribution, international recognition via CNVD establishes verifiable authorship. ---------------------------------------------------------------------- Certification: The CoreMedia vulnerability was formally recognized by the China National Vulnerability Database (CNVD) under the ID CNVD-2025-07885. Certificate ID: CNVD-YCGO-202504012519 Attached in PDF format for verification. ---------------------------------------------------------------------- Full Technical Disclosure: [Glass Cage iOS Attack Chain](https://weareapartyof1.substack.com/p/glass-cage-zero-day-imessage-attack) ---------------------------------------------------------------------- Request for Feedback: If you have additional insights, independent validation, or questions about any aspect of this disclosure; I welcome peer review, reproduction, and independent validation to strengthen the public record this disclosure creates. ---------------------------------------------------------------------- Contact: Joseph Goydish II josephgoyd@proton.me https://www.linkedin.com/in/josephg007/ ----------------------------------------------------------------------