CVE-2025-31200: Apple Multiple Products Memory Corruption Vulnerability
First published: Wed Apr 16 2025(Updated: )
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
Credit: Apple Google Threat Analysis Group product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| tvOS | <18.4.1 | 18.4.1 |
| Apple Multiple Products | ||
| macOS | <15.4.1 | |
| tvOS | <18.4.1 | |
| visionOS | <2.4.1 | |
| Apple iOS, iPadOS, and macOS | <18.4.1 | |
| iPhone OS | <18.4.1 | |
| macOS | <15.4.1 | 15.4.1 |
| visionOS | <2.4.1 | 2.4.1 |
| <18.4.1 | 18.4.1 | |
| <18.4.1 | 18.4.1 |
Remedy
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/122402 (Advisory)
- https://support.apple.com/en-us/122400 (Advisory)
- https://support.apple.com/en-us/122401 (Advisory)
- https://support.apple.com/en-us/122282 (Advisory)
- https://www.bleepingcomputer.com/news/security/apple-fixes-two-zero-days-exploited-in-targeted-iphone-attacks/
- https://www.zdnet.com/article/update-your-iphone-now-to-patch-a-carplay-glitch-and-two-serious-security-flaws/
- https://nvd.nist.gov/vuln/detail/CVE-2025-31200
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2025-31200?
CVE-2025-31200 is a critical memory corruption vulnerability that can lead to code execution when processing malicious audio streams.
How do I fix CVE-2025-31200?
CVE-2025-31200 can be fixed by updating to the latest versions of affected software: tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1, iPadOS 18.4.1, and macOS Sequoia 15.4.1.
What products are affected by CVE-2025-31200?
CVE-2025-31200 affects Apple products that include tvOS, visionOS, iOS, iPadOS, and macOS Sequoia.
What types of attacks can exploit CVE-2025-31200?
CVE-2025-31200 can be exploited through specially crafted media files that target memory corruption vulnerabilities.
What should users do if they are vulnerable to CVE-2025-31200?
Users vulnerable to CVE-2025-31200 should immediately update their devices to the latest available software versions provided by Apple.
- collector/apple-support
- source/Apple
- alias/CVE-2025-31201
- agent/software-canonical-lookup
- agent/first-publish-date
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2025-31200
- alias/CVE-2025-24085
- alias/CVE-2025-24200
- alias/CVE-2025-24201
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- collector/zdnet-article
- source/ZDNet
- agent/news-ai
- zeroday/true
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/remedy
- agent/source
- agent/title
- agent/description
- agent/trending
- collector/nvd-cve
- source/NVD
- agent/weakness
- agent/last-modified-date
- agent/event
- collector/nvd-api
- agent/softwarecombine
- agent/tags
- vendor/apple
- canonical/tvos
- canonical/apple multiple products
- canonical/macos
- canonical/visionos
- canonical/apple ios, ipados, and macos
- canonical/iphone os