CVE-2025-31203: Input Validation
First published: Tue Apr 01 2025(Updated: )
AirDrop. A permissions issue was addressed with additional restrictions.
Credit: product-security@apple.com Martin Kreichgauer Google ChromeYutong Xiu Denis Tokarev @illusionofcha0s Google Threat Analysis Group Hossein Lotfi @hosselot Trend Micro Zero Day Initiativepattern-f @pattern_F_ Jonathan Bar Or @yo_yo_yo_jbo Microsoft an anonymous researcher Uri Katz (Oligo Security) CVE-2024-9681 Andr.Ess Kirin @Pwnrin LFY @secsys Fudan UniversityAnonymous Trend Micro Zero Day InitiativeWang Yu CyberservalMichael (Biscuit) Thomas - @social.lol @biscuit CVE-2024-48958 CVE-2025-27113 CVE-2024-56171 Alex Radocea SupernetworksDave G. Supernetworks风沐云烟 @binary_fmyy Minghao Lin @Y1nKoc Jimmy Mickey Jin @patch1t @RenwaX23 Syarif Muhammad Sajjad Bing Shi Alibaba GroupWenchao Li Alibaba GroupXiaolong Bai Alibaba GroupLuyi Xing Indiana University BloomingtonHalle Winkler Politepix theoffcuts.org Andrew James Gonzalez Bohdan Stasiuk @bohdan_stasiuk Apple Gary Kwong Paul Bakker ParagonERPGoogle V8 Security Team Francisco Alonso @revskills rheza @ginggilBesel Ron Masas BREAKPOINTDominik Rath
| Affected Software | Affected Version | How to fix |
|---|---|---|
| macOS | <15.4 | |
| tvOS | <18.4 | |
| Apple iOS, iPadOS, and macOS | <17.7.6 | |
| Apple macOS | <14.7.5 | |
| Apple iOS and iPadOS | <18.4 | |
| Apple iOS, iPadOS, and macOS | <18.4 | |
| Apple iOS, iPadOS, and watchOS | <11.4 | |
| visionOS | <2.4 | |
| Apple iOS, iPadOS, and watchOS | <11.4 | 11.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2025-24097
- CVE-2025-24251
- CVE-2025-24244
- CVE-2025-24243
- CVE-2025-30430
- CVE-2025-24180
- CVE-2025-24237
- CVE-2025-30429
- CVE-2025-24212
- CVE-2025-24163
- CVE-2025-24230
- CVE-2025-24190
- CVE-2025-30454
- CVE-2025-31191
- CVE-2025-24182
- CVE-2025-31203
- CVE-2024-9681
- CVE-2025-30439
- CVE-2025-24283
- CVE-2025-30447
- CVE-2025-24210
- CVE-2025-24257
- CVE-2025-30432
- CVE-2024-48958
- CVE-2025-24194
- CVE-2025-27113
- CVE-2024-56171
- CVE-2025-24178
- CVE-2025-31182
- CVE-2025-24238
- CVE-2025-30470
- CVE-2025-30426
- CVE-2025-24173
- CVE-2025-24113
- CVE-2025-30467
- CVE-2025-24167
- CVE-2025-30471
- CVE-2025-30438
- CVE-2025-30433
- CVE-2025-31183
- CVE-2025-24217
- CVE-2025-24214
- CVE-2025-24201
- CVE-2025-24264
- CVE-2025-24216
- CVE-2025-24213
- CVE-2025-24209
- CVE-2025-30427
- CVE-2025-30425
Frequently Asked Questions
What is the severity of CVE-2025-31203?
CVE-2025-31203 is a vulnerability that may allow an attacker to cause a denial-of-service on affected devices.
How do I fix CVE-2025-31203?
To fix CVE-2025-31203, update your device to macOS Sequoia 15.4, tvOS 18.4, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4, or watchOS 11.4.
What platforms are affected by CVE-2025-31203?
CVE-2025-31203 affects macOS Sequoia, tvOS, iPadOS, macOS Sonoma, iOS, watchOS, and visionOS versions below the specified updates.
Who can exploit CVE-2025-31203?
An attacker on the local network can potentially exploit CVE-2025-31203 to cause service disruptions.
What improvements were made in the fix for CVE-2025-31203?
The fix for CVE-2025-31203 includes improved input validation to prevent the integer overflow issue.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/author
- agent/source
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/event
- agent/tags
- collector/apple-support
- source/Apple
- alias/CVE-2025-24237
- alias/CVE-2025-30429
- alias/CVE-2025-24212
- alias/CVE-2025-24163
- alias/CVE-2025-24230
- alias/CVE-2025-24190
- alias/CVE-2025-30454
- alias/CVE-2025-31191
- alias/CVE-2025-24182
- alias/CVE-2025-31203
- alias/CVE-2024-9681
- alias/CVE-2025-30439
- alias/CVE-2025-24283
- alias/CVE-2025-30447
- alias/CVE-2025-24210
- alias/CVE-2025-24257
- alias/CVE-2025-30432
- alias/CVE-2024-48958
- alias/CVE-2025-24194
- alias/CVE-2025-27113
- alias/CVE-2024-56171
- alias/CVE-2025-24178
- alias/CVE-2025-31182
- alias/CVE-2025-24238
- alias/CVE-2025-30470
- alias/CVE-2025-30426
- alias/CVE-2025-24173
- alias/CVE-2025-24113
- alias/CVE-2025-30467
- alias/CVE-2025-24167
- alias/CVE-2025-30471
- alias/CVE-2025-30438
- alias/CVE-2025-30433
- alias/CVE-2025-31183
- alias/CVE-2025-24217
- alias/CVE-2025-24214
- alias/CVE-2025-24201
- alias/CVE-2025-24264
- alias/CVE-2025-24216
- alias/CVE-2025-24213
- alias/CVE-2025-24209
- alias/CVE-2025-30427
- alias/CVE-2025-30425
- alias/CVE-2025-24251
- alias/CVE-2025-24244
- alias/CVE-2025-24243
- alias/CVE-2025-30430
- alias/CVE-2025-24180
- vendor/apple
- canonical/macos
- canonical/tvos
- canonical/apple ios, ipados, and macos
- canonical/apple macos
- canonical/apple ios and ipados
- canonical/apple ios, ipados, and watchos
- canonical/visionos