AI description
CVE-2025-31201 is a vulnerability in RPAC (Return Pointer Authentication Code), a security feature designed to prevent return-oriented programming attacks. The vulnerability allows an attacker with arbitrary read and write capabilities to bypass Pointer Authentication. Apple addressed this issue by removing the vulnerable code in tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1 and iPadOS 18.4.1, and macOS Sequoia 15.4.1. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
- Description
- This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 6.8
- Impact score
- 5.2
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
- Severity
- MEDIUM
Data from CISA
- Vulnerability name
- Apple Multiple Products Arbitrary Read and Write Vulnerability
- Exploit added on
- Apr 17, 2025
- Exploit action due
- May 8, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
⚡️ 0-Day Alert - Apple bugs actively exploited in targeted attacks: CVE-2025-31200: Memory corruption in CoreAudio framework, reachable via a media file CVE-2025-31201: Exploit Mitigation bypass - Pointer Authentication Patched in Apple iOS < 18.4.1 and iPadOS < 18.4.
@minacrissDev_
14 May 2025
2174 Impressions
2 Retweets
29 Likes
6 Bookmarks
2 Replies
0 Quotes
iOS 18.4.1 で対策されたゼロデイ脆弱性 CVE-2025-31200 / CVE-2025-31201 のうち前者は、CoreAudio のバグを利用するもので細工された悪意のあるオーディオストリームを処理する際に悪用されるので、SNS やフィッシング詐
@1989Benten
10 May 2025
641 Impressions
1 Retweet
7 Likes
0 Bookmarks
1 Reply
0 Quotes
woah... [CVE-2025-31200(CoreAudio) & CVE-2025-31201( bypass PAC) exploited ITW https://t.co/0HAQvTlcCo https://t.co/MWQH6U0Kho
@minacrissDev_
4 May 2025
372 Impressions
1 Retweet
2 Likes
3 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-31201
@transilienceai
24 Apr 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-31200: Memory corruption in CoreAudio framework, reachable via a media file CVE-2025-31201: Exploit Mitigation bypass - Pointer Authentication Patched in Apple iOS < 18.4.1 and iPadOS < 18.4.1 https://t.co/A2UctM4gRq
@minacrissDev_
23 Apr 2025
1675 Impressions
0 Retweets
14 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-31201
@transilienceai
23 Apr 2025
14 Impressions
0 Retweets
0 Likes
1 Bookmark
1 Reply
0 Quotes
4. Apple Cihazlarında İki Zero Day Açığı (CVE-2025-31200 & CVE-2025-31201) Apple, iOS, macOS, iPadOS ve tvOS platformlarını etkileyen iki zero day açığını kapatmak için acil güvenlik güncellemeleri yayınladı. •CVE-2025-31200 (CoreAudio): Kötü amaçlı hazırlanmış medya dosyalar
@MuratDemirtas
23 Apr 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2. Apple Cihazlarında İki Zero Day Açığı (CVE-2025-31200 & CVE-2025-31201) Apple, iOS, macOS, iPadOS ve tvOS platformlarını etkileyen iki zero day açığını kapatmak için acil güvenlik güncellemeleri yayınladı. •CVE-2025-31200 (CoreAudio): Kötü amaçlı hazırlanmış medya dosyalar
@MuratDemirtas
23 Apr 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Múltiples vulnerabilidades en los productos Apple ❗️CVE-2025-31200 ❗CVE-2025-31201 ➡️Más info: https://t.co/umMvOzt4Si https://t.co/bX8Oeb8w16
@CERTpy
22 Apr 2025
77 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡️ 0-Day Alert - Apple bugs actively exploited in targeted attacks: CVE-2025-31200: Memory corruption in CoreAudio framework, reachable via a media file CVE-2025-31201: Exploit Mitigation bypass - Pointer Authentication Patched in Apple iOS < 18.4.1 and iPadOS < 18.4.1 ht
@zerodaytraining
22 Apr 2025
3740 Impressions
9 Retweets
59 Likes
23 Bookmarks
0 Replies
1 Quote
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-31201 #Apple Multiple Products Arbitrary Read and Write Vulnerability https://t.co/NucMrDfYeq
@ScyScan
21 Apr 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple & Google TAG uncover critical iOS flaws (CVE-2025-31200 & CVE-2025-31201)! Remote code execution possible. Patch ASAP to protect your devices! 🔒 Update before May 8, 2025. #Cybersecurity #iOS #Vulnerability https://t.co/2KrsVkYLFf
@fernandokarl
21 Apr 2025
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📣🚨¡Alerta para usuarios de Apple! Dos vulnerabilidades críticas (CVE-2025-31200 y CVE-2025-31201) en CoreAudio y RPAC fueron explotadas en un ataque "extremadamente sofisticado". Actualiza ya tus dispositivos iOS, iPadOS, macOS, tvOS y visionOS para protegerte. #Apple https://
@MrLinkEc
20 Apr 2025
1791 Impressions
8 Retweets
15 Likes
1 Bookmark
0 Replies
1 Quote
Hackers hit Apple with a highly sophisticated attack exploiting 2 zero-days (CVE-2025-31200 & CVE-2025-31201) in CoreAudio & RPAC. Impacts iOS, iPadOS, macOS, tvOS & visionOS. Patch immediately! https://t.co/DU2a9PDShz
@Cyberkite1
20 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers hit Apple with a highly sophisticated attack exploiting 2 zero-days (CVE-2025-31200 & CVE-2025-31201) in CoreAudio & RPAC. Impacts iOS, iPadOS, macOS, tvOS & visionOS. Patch immediately! https://t.co/qyRaIcSXgU
@michaelplis
20 Apr 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Technical analysis of CVE-2025-31201: reverse engineering the diff between iOS 18.4 and 18.4.1 to study the changes made to RPAC.: https://t.co/v2q9cyfLuh #iOS #apple #cybersecurity #reversing #pac #security #cve #vulnerability https://t.co/z3VZuRT5xB
@ale_sp_brazil
20 Apr 2025
9507 Impressions
53 Retweets
151 Likes
78 Bookmarks
0 Replies
2 Quotes
Atacan a los usuarios de Apple en un "ataque extremadamente sofisticado" https://t.co/9Hru84WxkO Vulnerabilidades en los componentes CoreAudio y RPAC de Apple CVE-2025-31200 (CoreAudio) CVE-2025-31201 (RPAC) https://t.co/3rjpAUUfKB https://t.co/tAe0RKgwTn
@elhackernet
19 Apr 2025
8657 Impressions
66 Retweets
149 Likes
23 Bookmarks
0 Replies
2 Quotes
Actively exploited CVE : CVE-2025-31201
@transilienceai
19 Apr 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 ¡Alerta de Ciberseguridad! 🍎 CISA advierte sobre vulnerabilidades 0-day de Apple (CVE-2025-31200 & CVE-2025-31201) ¡Explotadas activamente! 😱🎧✍️ 🛡️ Acción urgente: ¡Aplica mitigaciones de Apple YA! 🛠️ Empresas: Cumplan BOD 22-01. ☁️ Si no hay fix, ¡suspender uso!
@JonathanGPLD
19 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Apple patched two zero-day flaws (CVE-2025-31200, CVE-2025-31201) actively exploited in targeted iPhone attacks. The bugs affect iOS, macOS, tvOS, iPadOS, and visionOS. Update to iOS 18.4.1, macOS Sequoia 15.4.1, etc., ASAP. Impacts many devices. https://t.co/KMaH0oQkyn
@Jfreeg_
18 Apr 2025
316 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
اپل آپدیت اورژانسی برای 0day CVE-2025-31200 CVE-2025-31201 داده، هر وسیلهای از اپل داری آپدیت کن
@Teeegra
18 Apr 2025
1179 Impressions
2 Retweets
19 Likes
1 Bookmark
1 Reply
0 Quotes
#BUGBOARD news is back!🔍 Apple released updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address 2 actively exploited vulnerabilities: a Core Audio flaw (CVE-2025-31200, CVSS 7.5) and a RPAC issue (CVE-2025-31201, CVSS 6.8). Link-https://t.co/WAKURlN4Hw #Apple #news
@bugbreport
18 Apr 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1. Apple Cihazlarında İki Zero Day Açığı (CVE-2025-31200 & CVE-2025-31201) Apple, iOS, macOS, iPadOS ve tvOS platformlarını etkileyen iki zero day açığını kapatmak için acil güvenlik güncellemeleri yayınladı.BleepingComputer+1Intego+1 CVE-2025-31200 (CoreAudio): Kötü amaçlı
@MuratDemirtas
18 Apr 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1. Apple Cihazlarında İki Sıfır Gün Açığı (CVE-2025-31200 & CVE-2025-31201) Apple, iOS, macOS, iPadOS ve tvOS platformlarını etkileyen iki sıfır gün açığını kapatmak için acil güvenlik güncellemeleri yayınladı.BleepingComputer+1Intego+1 CVE-2025-31200 (CoreAudio): Kötü amaç
@MuratDemirtas
18 Apr 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple plugs zero-days holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) https://t.co/Fe3PQzoLxh #cybersecurity #cybernews https://t.co/prmWeYLH1f
@jawconsultinguk
17 Apr 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple has released a new round of security updates after discovering two zero-day vulnerabilities (CVE-2025-31200 and CVE-2025-31201) that were exploited in what’s been described as an "extremely sophisticated attack" targeting specific iPhones. #CyberThreatAlert https://t.co/
@DynaRisk
17 Apr 2025
41 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🚨 CyberAlerts adds two Apple iOS Known Exploited Vulnerabilities (KEV) to their database not yet in CISA KEV - CVE-2025-31200 - CVE-2025-31201 Update to tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1 https://t.co/OAMPcMw82Q
@ethicalhack3r
17 Apr 2025
56 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-31201 Pointer Authentication Bypass in Apple Platforms Enables Arbitrary Memory Access https://t.co/ndpTkQ1hIG
@VulmonFeeds
17 Apr 2025
355 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-31201 This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. … https://t.co/YSrw4R0yjk
@CVEnew
17 Apr 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
iOS18.4.1きてた🍎 CVE-2025-31200 CVE-2025-31201 セキュリティアップデートは早めにあてるか。 iOS18.5でマインナンバー対応のはず! https://t.co/c2PQAadD80
@yama_zaru0102
17 Apr 2025
732 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apple、iOSおよびMacOSのパッチで2つのゼロデイ脆弱性を修正(CVE-2025-31200、CVE-2025-31201) https://t.co/WzbNtwtgiR #Security #セキュリティ #ニュース
@SecureShield_
17 Apr 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple issued emergency updates for two critical zero-day vulnerabilities (CVE-2025-31200 and CVE-2025-31201) affecting multiple platforms. Users, including iPhone XS and later, should update promptly. #security #apple https://t.co/5008HF78E2
@Strivehawk
17 Apr 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Appleは、iOS、macOS、iPadOS、tvOS、visionOSにわたる緊急セキュリティアップデートを公開し、2件のゼロデイ脆弱性(CVE-2025-31200およびCVE-2025-31201)に対応した。 これらは高度に洗練された攻撃で悪用され、特定のiPhoneユーザーが標的となったとされる。
@yousukezan
16 Apr 2025
2173 Impressions
3 Retweets
12 Likes
6 Bookmarks
0 Replies
0 Quotes
Appleが緊急セキュリティ更新を配信。iPhoneへの標的型攻撃で使用されたゼロデイ脆弱性2件への対応。CoreAudioにおける遠隔コード実行CVE-2025-31200とRPACにおけるポインタ認証(PAC)迂回CVE-2025-31201。攻撃の詳細は明らかにされず。Appleのゼロデイ修正は今年5件目。 https://t.co/JPHfwHMojQ
@__kokumoto
16 Apr 2025
2690 Impressions
14 Retweets
31 Likes
9 Bookmarks
0 Replies
0 Quotes
Urgent Apple Security Patch: Zero-Day Exploits Target iPhones #Apple releases urgent patches for zero-day flaws (CVE-2025-31200, CVE-2025-31201) targeting #iPhones. Update now to protect your devices from sophisticated attacks. https://t.co/HobY7psIbi
@the_yellow_fall
16 Apr 2025
326 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Apple has released urgent updates to fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) affecting iPhones and other devices. Immediate updates are advised. 📱🔒 #AppleSecurity #iOSUpdates #USA link: https://t.co/Ri3MuLuEK3 https://t.co/hS6WHkx5DI
@TweetThreatNews
16 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple just dropped a bombshell! Within the last hour, they rolled out emergency security updates to fix two zero-day vulnerabilities—CVE-2025-31200 and CVE-2025-31201—that hackers were actively exploiting in what Apple’s calling an “extremely sophisticated attack” on specific htt
@LaszloRealtor
16 Apr 2025
66 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
woah... [CVE-2025-31200(CoreAudio) & CVE-2025-31201( bypass PAC) exploited ITW https://t.co/JNv60IYjDm https://t.co/NxCVsmkZRs
@xvonfers
16 Apr 2025
2892 Impressions
4 Retweets
49 Likes
20 Bookmarks
0 Replies
0 Quotes
📣 EMERGENCY UPDATES 📣 Apple pushed updates for 2 new zero-days that may have been actively exploited. 🐛 CVE-2025-31200 (CoreAudio), 🐛 CVE-2025-31201 (RPAC): - iOS iOS 18.4.1 and iPadOS 18.4.1 - macOS Sequoia 15.4.1 - tvOS 18.4.1 - visionOS 2.4.1
@ApplSec
16 Apr 2025
915 Impressions
2 Retweets
11 Likes
2 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F73061A-3EA8-4A3A-9192-02C11B8A4943",
"versionEndExcluding": "15.4.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A24DBFEA-B927-44AA-82F3-C9A385B6F426",
"versionEndExcluding": "18.4.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "925616D6-4CD8-4999-ABA7-57810D148EEF",
"versionEndExcluding": "2.4.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F16CA380-BCA8-4704-A2DF-8DEFB6C74304",
"versionEndExcluding": "18.4.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3509987-8BCC-4735-B3A0-CB8821F015C4",
"versionEndExcluding": "18.4.1"
}
],
"operator": "OR"
}
]
}
]