CVE-2025-31201 - Apple Multiple Products Arbitrary Read and Write Vulnerability

Vulnerability Name

Apple Multiple Products Arbitrary Read and Write Vulnerability

Description

Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/122282

https://support.apple.com/en-us/122400

https://support.apple.com/en-us/122401

https://support.apple.com/en-us/122402

https://nvd.nist.gov/vuln/detail/CVE-2025-31201

Related News Articles

Apple backports zero-day patches to older iPhones and iPadsSeptember 16, 2025

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted AttacksAugust 21, 2025

Apple fixes new zero-day flaw exploited in targeted attacksAugust 21, 2025

Apple patches security flaw exploited in Chrome zero-day attacksJuly 31, 2025