Security News > 2025 > April > Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
2025-04-17 03:33
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-31200 (CVSS score: 7.5) - A memory corruption vulnerability in the Core Audio framework that could allow code execution when processing an audio
News URL
https://thehackernews.com/2025/04/apple-patches-two-actively-exploited.html
Related news
- iOS devices face twice the phishing attacks of Android (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks (source)
- Apple Safari exposes users to fullscreen browser-in-the-middle attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-16 | CVE-2025-31200 | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved bounds checking. | 0.0 |