Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
6.8
CVSSv3

CVE-2025-31201

CVSSv4: NA | CVSSv3: 6.8 | CVSSv2: NA | VMScore: 780 | EPSS: 0.00292 | KEV: Exploitation Reported
Published: 16/04/2025 Updated: 18/04/2025

Vulnerability Summary

Pointer Authentication Bypass in Apple Platforms Enables Arbitrary Memory Access

Apple has addressed a significant security vulnerability across multiple operating systems including tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1, iPadOS 18.4.1, and macOS Sequoia 15.4.1. The issue involved a potential bypass of Pointer Authentication, which could allow an attacker with arbitrary read and write capabilities to compromise system security. Apple has confirmed awareness of a report suggesting this vulnerability may have been exploited in a highly sophisticated targeted attack against specific individuals on iOS. The problem was resolved by removing the vulnerable code, thereby mitigating the potential security risk across their device ecosystem.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple visionos

apple ios ios and ipados

apple tvos

apple macos

apple ipados

apple iphone os

Mailing Lists

Full Disclosure: APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-04-16-2025-1 iOS 1841 and iPadOS 1841 iOS 1841 and iPadOS 1841 addresses the following issues Information about the security content is also available at supportapplecom/122282 Apple maintains a Security Releases page at supportapplecom/100100 which lists rece ...
Full Disclosure: APPLE-SA-04-16-2025-4 visionOS 2.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-04-16-2025-4 visionOS 241 visionOS 241 addresses the following issues Information about the security content is also available at supportapplecom/122402 Apple maintains a Security Releases page at supportapplecom/100100 which lists recent software updates with sec ...
Full Disclosure: APPLE-SA-04-16-2025-3 tvOS 18.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-04-16-2025-3 tvOS 1841 tvOS 1841 addresses the following issues Information about the security content is also available at supportapplecom/122401 Apple maintains a Security Releases page at supportapplecom/100100 which lists recent software updates with security ...
Full Disclosure: APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-04-16-2025-2 macOS Sequoia 1541 macOS Sequoia 1541 addresses the following issues Information about the security content is also available at supportapplecom/122400 Apple maintains a Security Releases page at supportapplecom/100100 which lists recent software upda ...
Full Disclosure: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Hello Full Disclosure, This is a strategic public disclosure of a zero-click iMessage exploit chain that was discovered live on iOS 182 and remained unpatched through iOS 184 It enabled Secure Enclave key theft, wormable remote code execution, and undetectable crypto wallet exfiltration Despite responsible disclosure, the research was suppre ...

Github Repositories

https://github.com/Knoxpix/PACKernel

PAC Kernel Extension Demo for macOS

PACKernel – macOS Kernel Extension (KEXT) PAC Demo ⚠️ This project is for educational purposes only It demonstrates how pointer authentication (PAC) on Apple Silicon (ARM64e) enforces function pointer integrity in kernel space, and how function pointer reuse can simulate potential PAC bypass logic 🔐 About Pointer Authentication Apple Silicon implements ARMv83-A

Recent Articles

Apple fixes two zero-days exploited in targeted iPhone attacks
BleepingComputer • Lawrence Abrams • 16 Apr 2025

Apple fixes two zero-days exploited in targeted iPhone attacks By Lawrence Abrams April 16, 2025 02:06 PM 0 Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an "extremely sophisticated attack" against specific targets' iPhones. The two vulnerabilities are in CoreAudio (CVE-2025-31200) and RPAC (CVE-2025-31201), with both bugs impacting iOS, macOS, tvOS, iPadOS, and visionOS. "Apple is aware of a report that this issue may have been exploited ...

Read more...

References

NVD-CWE-noinfohttps://nvd.nist.govhttps://github.com/Knoxpix/PACKernelhttps://www.bleepingcomputer.com/news/security/apple-fixes-two-zero-days-exploited-in-targeted-iphone-attacks/https://www.first.org/epsshttps://support.apple.com/en-us/122282https://support.apple.com/en-us/122400https://support.apple.com/en-us/122401https://support.apple.com/en-us/122402
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-4278updatenavifujitsu client computing limitedCVE-2025-32465CVE-2025-49184ibmCVE-2025-4275file uploadCVE-2025-33073sick agfile inclusionCVE-2025-26383unspecified
Home
/
Search Results
/
CVE-2025-31201
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook