Technology

Apple patches take advantage of two aggressively exploited iOS flaws used in sophisticated target attacks

3 Min Read
3 Min Read
Millions of iPhones airlifted from India in Apple's tariff escape plan

On Wednesday, Apple released security updates for iOS, iPados, MacOS Sequoia, TVOS and Visionos, addressing two security flaws that are said to be subject to aggressive exploitation in the wild.

The vulnerabilities in question are listed below –

  • CVE-2025-31200 (CVSS score: 7.5) – Memory corruption vulnerability in core audio framework that allows code execution when processing audio streams with maliciously created media files
  • CVE-2025-31201 (CVSS score: 6.8) – Vulnerability in RPAC components that can be used by attackers with arbitrary read and write capabilities to bypass pointer authentication

The iPhone manufacturer said it addressed CVE-2025-31200 with improved boundary checks and CVE-2025-31201 by removing vulnerable sections in the code.

Both vulnerabilities are credited to Apple along with the Google Threat Analysis Group (TAG) to report CVE-2025-31200.

Apple said it recognizes that, as in such an advisory, the issue is “exploited in a very sophisticated attack on certain targeted individuals on iOS.”

With the latest developments, Apple has been working on a total of five actively exploited zero-days with its software since its launch this year –

  • CVE-2025-24085 (CVSS score: 7.8) – Bug after using core media components. Malicious applications already installed on the device can increase privileges
  • CVE-2025-24200 (CVSS score: 4.6) – Issue to authorization of accessibility components that allow attackers to disable USB restriction mode on locked devices as part of a cyber-physical attack
  • CVE-2025-24201 (CVSS Score: 7.1) – Write the problem in a WebKit component that can be exploited to use malicious web content to get out of the web content sandbox.

Updates are available on the following devices and operating systems –

  • iOS 18.4.1 and iPads 18.4.1 – iPhone XS and then iPad Pro 13-inch, iPad Pro 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd Generation and later, iPad 7th generation and later, iPad Mini 5th Generation and later
  • MacOS Secoia 15.4.1 – Mac running MacOS Sequoia
  • TVOS 18.4.1 -AppleTV HD and Apple TV 4K (all models)
  • Visionos 2.4.1 – Apple Vision Pro
See also  Moldova police arrest suspect in a 4.5 million euro ransomware attack on a Dutch research institution

In light of aggressive exploitation, users are encouraged to update their devices to the latest version to prevent risk.

Share This Article
Leave a comment

Follow US

POPULAR