CVE-2025-31200
CVSS Score
V3.1Attack Vector Metrics
Impact Metrics
Description
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
Available Exploits
Related News
The iDownloadBlog team chases down the latest iPhone and iPad hacking and/or jailbreaking news every week and wraps it up on the weekend.
Security researchers have shared a poof-of-concept of CVE-2025-31200, a security vulnerability patched in iOS 18.4.1.
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Apple has released emergency security updates for iOS/iPadOS, macOS, …
The first security vulnerability addressed in the latest update is in CoreAudio, tracked as CVE-2025-31200. According to Apple's security bulletin, it allowed for malicious code execution when processing an audio stream from an infected media file. The vulner…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability CVE-2025-31201 Apple Multiple Products …
Affected Products
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.