Apple fixes two actively exploited iOS zero-days


Apple has rolled out critical security updates across its platforms, including iOS, iPadOS, macOS Sequoia, tvOS, and visionOS, to patch two newly discovered security flaws that are reportedly being actively exploited in the wild.

One of the zero-day flaws is tracked as CVE-2025-31200 and is described as a memory corruption flaw in the Core Audio framework, potentially allowing arbitrary code execution when processing maliciously crafted media files.

The second flaw is CVE-2025-31201, an improper authentication issue in the RPAC component, which could allow attackers with arbitrary read/write access to bypass Pointer Authentication security protections.

According to Apple, the flaws have been used in “extremely sophisticated attacks” targeting specific individuals, underscoring the urgent need for users to update their devices.

The security updates are available as iOS 18.4.1 / iPadOS 18.4.1 (iPhone XS and later, iPad Pro 13-inch and newer, iPad Air 3rd generation and later, iPad 7th generation and later, iPad mini 5th generation and later); macOS Sequoia 15.4.1; tvOS 18.4.1 (Apple TV HD and all Apple TV 4K models); and visionOS 2.4.1 (Apple Vision Pro).

CVE-2025-31200 was mitigated via improved bounds checking, while CVE-2025-31201 was addressed by removing the vulnerable code.

With this latest update, Apple has now patched a total of five actively exploited zero-day vulnerabilities since the start of 2025, including:

  • CVE-2025-24085 – A use-after-free bug in Core Media that could elevate privileges for malicious apps

  • CVE-2025-24200 – An authorization issue in Accessibility used to disable USB Restricted Mode

  • CVE-2025-24201 – An out-of-bounds write in WebKit enabling sandbox escapes via crafted web content

Users are strongly encouraged to update their devices immediately to minimize the risk of attacks.

