Apple has swiftly addressed two critical zero-day vulnerabilities, CVE-2025-31200 and CVE-2025-31201, that were actively exploited in the wild. Both vulnerabilities, affecting multiple Apple products including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS, were patched on April 16, 2025, with the release of updates for these platforms.
CVE-2025-31200, a memory corruption issue, was particularly severe with a CVSS score of 9.8. The flaw, identified as CWE-119, allowed attackers to execute arbitrary code by processing a maliciously crafted media file. This vulnerability was addressed through improved bounds checking in the latest software updates.
CVE-2025-31201, also rated with a CVSS score of 9.8, involved a bypass of Pointer Authentication due to a flaw categorized under CWE-1220. This vulnerability allowed attackers with arbitrary read and write capabilities to potentially bypass critical security measures. Apple resolved this issue by removing the vulnerable code entirely.
Both vulnerabilities were added to the Known Exploited Vulnerabilities (KEV) catalog on April 17, 2025, underscoring their critical nature and the urgency for users to update their devices. The vulnerabilities were exploited within 0.2 days of disclosure, highlighting the rapid exploitation timeline and the importance of timely patching.
Proof-of-concept exploits for CVE-2025-31200 are already available, increasing the risk of further exploitation. Security teams are advised to prioritize the deployment of the latest updates to mitigate potential threats. Users should ensure their devices are updated to iOS 18.4.1, iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, and watchOS 11.5 to protect against these vulnerabilities.
CSURFACE