Apple Patches Exploited Vulnerability, (Wed, Apr 16th)
苹果修复了两个已被利用的安全漏洞,影响iOS、macOS、tvOS和visionOS系统,并发布了相关更新版本。这两个漏洞可能导致代码执行或绕过指针验证机制,已被用于针对特定目标的复杂攻击。 2025-4-16 18:44:59 Author: isc.sans.edu(查看原文) 阅读量:7 收藏
苹果修复了两个已被利用的安全漏洞,影响iOS、macOS、tvOS和visionOS系统,并发布了相关更新版本。这两个漏洞可能导致代码执行或绕过指针验证机制,已被用于针对特定目标的复杂攻击。 2025-4-16 18:44:59 Author: isc.sans.edu(查看原文) 阅读量:7 收藏
Today, Apple patched two vulnerabilities that had already been exploited. The vulnerabilities were exploited against iOS but also exist in macOS, tvOS, and visionOS. Apple released updates for all affected operating systems.
| iOS 18.4.1 and iPadOS 18.4.1 | macOS Sequoia 15.4.1 | tvOS 18.4.1 | visionOS 2.4.1 |
|---|---|---|---|
| CVE-2025-31200: Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.. Affects CoreAudio |
|||
| x | x | x | x |
| CVE-2025-31201: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.. Affects RPAC |
|||
| x | x | x | x |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
文章来源: https://isc.sans.edu/diary/rss/31866
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh