- Description
- The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- ipados, iphone_os, macos, tvos, visionos, watchos
CVSS 3.1
- Type
- Secondary
- Base score
- 6.3
- Impact score
- 3.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-20
- Hype score
- Not currently trending
AppleJPEG: CVE-2025-31251: RCE CoreAudio: CVE-2025-31208: RCE CoreMedia: CVE-2025-31239: RCE CVE-2025-31233: RCE CoreGraphics: CVE-2025-31209: info disc
@minacrissDev_
26 Aug 2025
385 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
苹果指出,新释出的iOS 18.5特别针对CVE-2025-31251与CVE-2025-31233两个高风险漏洞进行修补。 https://t.co/IX7lCWUKAm #星洲日报 #sinchew
@SinChewPress
31 May 2025
513 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 #Apple Devices, Memory Corruption, #CVE-2025-31233 (Critical) https://t.co/tsLEyCtH0n
@dailycve
27 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ZDI-25-298|CVE-2025-31233] Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability (CVSS 8.8; Credit: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative) https://t.co/GPCwGBDlQD
@TheZDIBugs
22 May 2025
2344 Impressions
8 Retweets
24 Likes
14 Bookmarks
0 Replies
0 Quotes
Five more vuls in macOS Sequoia 15.5/iOS 18.5 (some triggerable via Safari): https://t.co/qchKn8rGIv AppleJPEG: CVE-2025-31251: RCE CoreAudio: CVE-2025-31208: RCE CoreMedia: CVE-2025-31239: RCE CVE-2025-31233: RCE CoreGraphics: CVE-2025-31209: info disc
@minacrissDev_
14 May 2025
453 Impressions
2 Retweets
3 Likes
1 Bookmark
1 Reply
0 Quotes
Five more vuls in macOS Sequoia 15.5/iOS 18.5 (some triggerable via Safari): https://t.co/tzCoeVZl4u AppleJPEG: CVE-2025-31251: RCE CoreAudio: CVE-2025-31208: RCE CoreMedia: CVE-2025-31239: RCE CVE-2025-31233: RCE CoreGraphics: CVE-2025-31209: info disc
@hosselot
13 May 2025
6681 Impressions
20 Retweets
108 Likes
28 Bookmarks
3 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "683ECAF8-DB29-40DB-963A-B95EA2A2AC01",
"versionEndExcluding": "17.7.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "069735D6-38B4-402A-9E79-1961701C9AD3",
"versionEndExcluding": "18.5",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653",
"versionEndExcluding": "18.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90AA958-60F3-474C-B351-0F143B498B3E",
"versionEndExcluding": "13.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE6D3FD-8A49-48CF-80A3-0FFC6BA80B99",
"versionEndExcluding": "14.7.6",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7416C76-07EC-4132-A509-E3F62B002CCA",
"versionEndExcluding": "15.5",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "519C8A39-A24E-44B7-B1E8-6EF647FEFCA8",
"versionEndExcluding": "18.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "047CDCCE-04BB-4D43-9831-7694992C5CC4",
"versionEndExcluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CBDEF1C-6D76-4F9D-8433-3AC16F3860F4",
"versionEndExcluding": "11.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]