CVE-2025-31200

None

Description

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS released before iOS 18.4.1.

INFO

Published Date :

2025-04-16T18:24:31.578Z

Last Modified :

2026-04-02T18:25:21.000Z

Source :

apple

AFFECTED PRODUCTS

The following products are affected by CVE-2025-31200 vulnerability.

Vendors	Products
Apple	Ipados Iphone Os Macos Tvos Visionos Watchos

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-31200.

URL	Resource
http://seclists.org/fulldisclosure/2025/Apr/26
http://seclists.org/fulldisclosure/2025/Jun/14
http://seclists.org/fulldisclosure/2025/May/10
http://seclists.org/fulldisclosure/2025/Oct/0
http://seclists.org/fulldisclosure/2025/Oct/4
https://blog.noahhw.dev/posts/cve-2025-31200/
https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201/blob/main/Remote%20Crypto%20Attack%20Chain%20.md
https://github.com/cisagov/vulnrichment/issues/200
https://news.ycombinator.com/item?id=44161894
https://support.apple.com/en-us/122282
https://support.apple.com/en-us/122400
https://support.apple.com/en-us/122401
https://support.apple.com/en-us/122402
https://support.apple.com/en-us/122722
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31200

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact