CVE-2025-31223

Published May 12, 2025

Last updated 24 days ago

CVSS high 8.0

Overview

Description: The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.
Source: product-security@apple.com
NVD status: Modified
Products: safari, ipados, iphone_os, macos, tvos, visionos, watchos

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8
Impact score: 5.9
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-119

Hype score: Not currently trending

🔴 #Apple Devices, Memory Corruption Vulnerability, #CVE-2025-31223 (Critical) https://t.co/fdKQvKX3wN
@dailycve
28 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "2911F28D-586D-4C43-BCE7-A8A77568E183",
            "versionEndExcluding": "18.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D0459303-7D14-428D-9C4E-2C743AC9529F",
            "versionEndExcluding": "18.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653",
            "versionEndExcluding": "18.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "EF1B4AB8-2B51-4EED-BD29-C500C83FAB10",
            "versionEndExcluding": "15.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "519C8A39-A24E-44B7-B1E8-6EF647FEFCA8",
            "versionEndExcluding": "18.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "047CDCCE-04BB-4D43-9831-7694992C5CC4",
            "versionEndExcluding": "2.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0CBDEF1C-6D76-4F9D-8433-3AC16F3860F4",
            "versionEndExcluding": "11.5",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References