Apple has rolled out important updates to mitigate two critical vulnerabilities in its iOS devices. These updates follow reports of advanced persistent targeted attacks that used these weaknesses to infiltrate systems. The attack surface for vulnerabilities CVE-2025-31200 and CVE-2025-31201 have scored very high on the Common Vulnerability Scoring System (CVSS). This points to how serious those are.
CVE-2025-31200, a memory corruption vulnerability in the Core Audio framework, CVSS 7.5. This weakness may allow arbitrary code execution if an audio stream is passed over an affected device by means of a specially constructed media file. The potential for exploitation is high and poses serious concerns. Apple informed us that, unlike the other vulnerabilities, this vulnerability was in fact used in a very highly sophisticated attack against very specific individuals on iOS.
The second vulnerability, CVE-2025-31201, with a CVSS score of 6.8, finds itself within the RPAC component. This vulnerability can be exploited by an attacker with arbitrary read and write capabilities. This new breach lets them bypass Pointer Authentication, making devices more vulnerable to potential attacks.
Update Availability
In reaction to these weaknesses, Apple has released version updates to its entire device family. iOS and iPadOS devices now have updates available in version 18.4.1, while macOS Sequoia has been updated to version 15.4.1. Further, tvOS and visionOS have both been updated to versions 18.4.1 and 2.4.1 respectively.
These modifications may seem small, but these are improvements that extend to a wide range of specific model variations. This encompasses the iPhone XS and later, iPad Pro 13-inch and later, iPad Pro 11-inch 1st gen and later, and all models of Apple TV HD & Apple TV 4K. The Apple Vision Pro isn’t the only device that has improved thanks to visionOS 1.5.
Importance of Updating
Those who use Apple devices need to deploy these updates as soon as possible. By taking such proactive steps, agencies will significantly reduce risks posed by vulnerabilities. The updates increase security by addressing known vulnerabilities. As the chips shrink, they improve the overall performance and functionality of the devices which helps improve the profit margin.
Apple’s early response in fixing these vulnerabilities sets a positive precedent for other tech companies by prioritizing user safety and device integrity. Apple has long guaranteed that consumers have seamless access to updates. This gives them the confidence to secure their devices from advanced attacks that pose threats to sensitive personal data.