Active Exploitation of Vulnerabilities in Apple Products

Apple has released security updates addressing multiple vulnerabilities (CVE-2025-31200 and CVE-2025-31201) in their products. These vulnerabilities are reportedly being actively exploited.

The vulnerabilities are:

• CVE-2025-31200: Successful exploitation of the memory corruption vulnerability could allow an attacker to perform code execution by processing an audio stream in a maliciously crafted media file.

• CVE-2025-31201: Successful exploitation of the vulnerability could potentially allow an attacker with arbitrary read and write privileges to bypass Pointer Authentication.

The vulnerabilities affect the following products:

• iPhone XS and later

• iPad Pro 13-inch

• iPad Pro 13.9-inch 3rd generation and later

• iPad Pro 11-inch 1st generation and later

• iPad Air 3rd generation and later

• iPad 7th generation and later

• iPad mini 5th generation and later

• Macs running macOS Sequoia

• Apple TV HD and Apple TV 4K (all models)

• Apple Vision Pro

Users and administrators of affected products are advised to update to the latest versions immediately.

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2025-31200

https://nvd.nist.gov/vuln/detail/CVE-2025-31201

https://thehackernews.com/2025/04/apple-patches-two-actively-exploited.html