On Wednesday, Apple released security updates for iOS, iPados, MacOS Sequoia, TVOS and Visionos, addressing two security flaws that are said to be subject to aggressive exploitation in the wild.
The vulnerabilities in question are listed below –
CVE-2025-31200 (CVSS score: 7.5) – Memory corruption vulnerability in core audio framework that allows code execution when processing audio streams with malicious media files CVE-2025-31201 (CVSS score: 6.8) – Possible to use vulnerabilities in RPAC components that use vulnerabilities in RPAC components.
The iPhone manufacturer said it addressed CVE-2025-31200 with improved boundary checks and CVE-2025-31201 by removing vulnerable sections in the code.
Both vulnerabilities are credited to Apple along with the Google Threat Analysis Group (TAG) to report CVE-2025-31200.
Apple said it recognizes that, as in such an advisory, the issue is “exploited in a very sophisticated attack on certain targeted individuals on iOS.”
With the latest developments, Apple has been working on a total of five actively exploited zero-days with its software since its launch this year –
CVE-2025-24085 (CVSS score: 7.8) – Wasted bug in core media components that could allow malicious applications that can increase privileges by malicious applications already installed on the device CVE-2025-24200 (CVSS score: 4.6) – Issue authorization of accessibility components that could hinder accessibility components Attack CVE-2025-24201 (CVSS score: 7.1) – Issue out-of-bounds issues with WebKit components that could be exploited to use malicious web content to get out of the web content sandbox
Updates are available on the following devices and operating systems –
I’m running iOS 18.4.1 and iPad 18.4.1 – iPhone XS or later, iPad Pro 13 inch, iPad Pro 13.9 inch 3rd generation or later, iPad Pro 11 inch 1st generation or later, iPad Air 3rd Generation and then iPad 7th generation or later, iPad Mini 5th Generation and Later Macos appper sequos adques hde seques hde seques aspects 15.4.1 -MAC. TV 4K (All Models) Visionos 2.4.1 – Apple Vision Pro
In light of aggressive exploitation, users are encouraged to update their devices to the latest version to prevent risk.
Source link
