Apple
CVE-2025-31200
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
AnalysisAI
Apple CoreAudio contains a memory corruption vulnerability exploitable through maliciously crafted audio streams in media files, enabling code execution. Exploited in extremely sophisticated targeted attacks in April 2025.
Technical ContextAI
The CWE-787 out-of-bounds write in CoreAudio occurs when processing crafted audio streams. The bounds checking failure allows attackers to corrupt memory during media playback, achieving code execution in the media processing context.
RemediationAI
Update all Apple devices. Enable Lockdown Mode for high-risk individuals. This vulnerability demonstrates the continued targeting of Apple platforms by commercial surveillance vendors.
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today