Security News > 2025 > April > Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
2025-04-17 03:33
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-31200 (CVSS score: 7.5) - A memory corruption vulnerability in the Core Audio framework that could allow code execution when processing an audio
News URL
https://thehackernews.com/2025/04/apple-patches-two-actively-exploited.html
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU (source)
- iOS devices face twice the phishing attacks of Android (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-16 | CVE-2025-31200 | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved bounds checking. | 0.0 |