CVE-2025-31206

Published May 12, 2025

Last updated a month ago

CVSS medium 4.3

Overview

Description: A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Source: product-security@apple.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Secondary
Base score: 4.3
Impact score: 1.4
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Severity: MEDIUM

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-843

Hype score: Not currently trending

CVE-2025-31206 A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequ… https://t.co/WVjjM7owFa
@CVEnew
12 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2911F28D-586D-4C43-BCE7-A8A77568E183",
            "versionEndExcluding": "18.5"
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "683ECAF8-DB29-40DB-963A-B95EA2A2AC01",
            "versionEndExcluding": "17.7.7"
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "069735D6-38B4-402A-9E79-1961701C9AD3",
            "versionEndExcluding": "18.5",
            "versionStartIncluding": "18.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653",
            "versionEndExcluding": "18.5"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF1B4AB8-2B51-4EED-BD29-C500C83FAB10",
            "versionEndExcluding": "15.5"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "519C8A39-A24E-44B7-B1E8-6EF647FEFCA8",
            "versionEndExcluding": "18.5"
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "047CDCCE-04BB-4D43-9831-7694992C5CC4",
            "versionEndExcluding": "2.5"
          },
          {
            "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CBDEF1C-6D76-4F9D-8433-3AC16F3860F4",
            "versionEndExcluding": "11.5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References