Apple has released emergency security updates to fix two newly discovered zero-day vulnerabilities that were actively exploited in highly targeted attacks against iPhone users.
The flaws, tracked as CVE-2025-31200 and CVE-2025-31201, impact iOS, macOS, iPadOS, tvOS, and visionOS. According to Apple, the vulnerabilities were part of an “extremely sophisticated attack” targeting specific individuals using iPhones.
- CVE-2025-31200, found in CoreAudio, can allow attackers to execute code remotely by tricking a user into playing a malicious media file.
- CVE-2025-31201, in RPAC, could let attackers with system access bypass Pointer Authentication (PAC), a key iOS defense against memory corruption.
Apple credited both its internal teams and Google’s Threat Analysis Group for discovering the CoreAudio flaw. The company did not provide additional technical details, citing security reasons.
The security patches are available in the following software versions:
- iOS 18.4.1 / iPadOS 18.4.1
- macOS Sequoia 15.4.1
- tvOS 18.4.1
- visionOS 2.4.1
Affected devices include:
- iPhone XS and newer
- iPad models including iPad Pro (11/13-inch), iPad Air (3rd gen+), iPad mini (5th gen+), and iPad 7th gen+
- All Apple TV HD/4K models
- Apple Vision Pro
- macOS devices running Sequoia
Despite the attack being highly targeted, Apple urges all users to update immediately to stay protected.
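For teams that manage Apple devices, the fixed versions listed above can be checked against an inventory export. The script below is an added example, not code from Apple or from this article; the CSV columns, the device names and the "review" status for older major releases (for which the article lists no fixed version) are assumptions made for the illustration.

```python
import csv
import io

# First fixed release per platform, copied from the list in the article.
FIXED = {
    "iOS": (18, 4, 1),
    "iPadOS": (18, 4, 1),
    "macOS": (15, 4, 1),
    "tvOS": (18, 4, 1),
    "visionOS": (2, 4, 1),
}

def parse_version(text):
    """Turn '18.4' or '18.4.1' into a 3-tuple, padding missing parts with 0."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3 or any(p < 0 for p in parts):
        raise ValueError(f"unexpected version string: {text!r}")
    return tuple(parts + [0] * (3 - len(parts)))

def classify(platform, os_version):
    """Return patched / needs-update / review / unknown-platform / unparseable."""
    fixed = FIXED.get(platform)
    if fixed is None:
        return "unknown-platform"
    try:
        version = parse_version(os_version)
    except ValueError:
        return "unparseable"
    if version >= fixed:
        return "patched"          # assumption: later releases keep the fix
    if version[0] < fixed[0]:
        return "review"           # older major release: the article lists no fix for it
    return "needs-update"

def audit(inventory_csv):
    """Classify every row of a device,platform,os_version CSV export."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["device"], classify(r["platform"], r["os_version"])) for r in rows]

# Constructed sample inventory; device names are made up for the example.
SAMPLE = """device,platform,os_version
exec-iphone-01,iOS,18.4
exec-iphone-02,iOS,18.4.1
lab-ipad-07,iPadOS,17.7
dev-mac-12,macOS,15.4.1
lobby-tv-03,tvOS,18.3.1
kiosk-09,watchOS,11.4
"""

if __name__ == "__main__":
    for device, status in audit(SAMPLE):
        print(f"{device:16} {status}")
```

Devices reported as "review" or "unparseable" need a manual look rather than an automatic pass.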
Bijay Pokharel