Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited “in an extremely sophisticated attack against specific targeted individuals on iOS.” CVE-2025-31200 and CVE-2025-31201 CVE-2025-31200 affects CoreAudio, an API Apple devices use for processing audio. The memory corruption vulnerability can be triggered with a maliciously crafted media file: when the audio stream in it is processed, it allows attackers to execute malicious … More
The post Apple plugs zero-days holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) appeared first on Help Net Security.
This article has been indexed from Help Net Security