Apple on Wednesday launched safety updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to handle two safety flaws that it mentioned have come beneath energetic exploitation within the wild.
The vulnerabilities in query are listed under –
- CVE-2025-31200 (CVSS rating: 7.5) – A reminiscence corruption vulnerability within the Core Audio framework that might enable code execution when processing an audio stream in a maliciously crafted media file
- CVE-2025-31201 (CVSS rating: 6.8) – A vulnerability within the RPAC part that could possibly be utilized by an attacker with arbitrary learn and write functionality to bypass Pointer Authentication
The iPhone maker mentioned it addressed CVE-2025-31200 with improved bounds checking and CVE-2025-31201 by eradicating the susceptible part of code.
Each the vulnerabilities have been credited to Apple, together with Google Menace Evaluation Group (TAG) for reporting CVE-2025-31200.
Apple, as is often the case with such advisories, mentioned it is conscious that the problems have been “exploited in a particularly refined assault in opposition to particular focused people on iOS.”
With the most recent improvement, Apple has addressed a complete of 5 actively exploited zero-days in its software program because the begin of the 12 months –
- CVE-2025-24085 (CVSS rating: 7.8) – A use-after-free bug within the Core Media part that might allow a malicious utility already put in on a tool to raise privileges
- CVE-2025-24200 (CVSS rating: 4.6) – An authorization challenge within the Accessibility part that might allow an attacker to disable USB Restricted Mode on a locked gadget as a part of a cyber-physical assault
- CVE-2025-24201 (CVSS rating: 7.1) – An out-of-bounds write challenge within the WebKit part that could possibly be exploited to interrupt out of the Internet Content material sandbox utilizing maliciously crafted internet content material
The updates can be found for the next units and working methods –
- iOS 18.4.1 and iPadOS 18.4.1 – iPhone XS and later, iPad Professional 13-inch, iPad Professional 13.9-inch third technology and later, iPad Professional 11-inch 1st technology and later, iPad Air third technology and later, iPad seventh technology and later, and iPad mini fifth technology and later
- macOS Sequoia 15.4.1 – Macs operating macOS Sequoia
- tvOS 18.4.1 – Apple TV HD and Apple TV 4K (all fashions)
- visionOS 2.4.1 – Apple Imaginative and prescient Professional
In gentle of energetic exploitation, customers are suggested to replace their units to the most recent model to safeguard in opposition to dangers.
