Back to KEVs

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and...

Basic Information

CVE State
PUBLISHED
Reserved Date
March 27, 2025
Published Date
April 16, 2025
Last Updated
April 17, 2025
Vendor
Apple
Product
visionOS, iOS iOS and iPadOS, tvOS, macOS
Description
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

CVSS Scores

EPSS Score

Score
0.44% (Percentile: 61.94%) as of 2025-04-29

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2025-04-17 00:00:00 UTC) Source

References

https://support.apple.com/en-us/122402 https://support.apple.com/en-us/122282 https://support.apple.com/en-us/122401 https://support.apple.com/en-us/122400

Known Exploited Vulnerability Information

Source Added Date
CISA 2025-04-17 00:00:00 UTC