2 Apple Iphone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks
- С сайта: Zero-Day(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Zero-Day(cybersecuritynews.com)
Apple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone.
The vulnerabilities, identified in the CoreAudio and RPAC components, could allow attackers to execute arbitrary code or bypass security protections on affected devices.
2 Zero Vulnerabilities Under Active Exploitation
CoreAudio Vulnerability
The first vulnerability, tracked as CVE-2025-31200 , resides in CoreAudio, a framework responsible for audio processing on iOS and iPadOS devices.
According to Apple, processing a maliciously crafted media file could trigger a memory corruption issue, potentially leading to code execution.
“Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.”
Apple, in collaboration with Google’s Threat Analysis Group, confirmed reports that this flaw was exploited in an advanced attack targeting select iOS users.
RPAC Vulnerability
The second vulnerability, CVE-2025-31201 , affects RPAC (Return-oriented Programming Attack Countermeasure), a security mechanism designed to protect against exploits.
This flaw could allow an attacker with arbitrary read and write capabilities to bypass Pointer Authentication, a feature that safeguards against code manipulation.
“An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.” Apple said.
Apple noted that this issue was also exploited in the same targeted campaign and has been mitigated by removing the vulnerable code.
Affected Devices and Mitigation
Targeted Attacks Highlight Growing Threat
While Apple has not disclosed specific details about the attacks, the company described them as “extremely sophisticated” and directed at specific individuals, suggesting a possible state-sponsored or highly resourced threat actor.
Such zero-day exploits, which leverage previously unknown vulnerabilities, are often used in espionage or targeted cyber campaigns due to their complexity and cost.
Apple emphasized its policy of not disclosing security issues until patches are available to protect users.
The company’s security release notes, published on April 16, 2025, provide detailed information about the vulnerabilities and affected devices. For more information on Apple’s security practices, users can visit the Apple Product Security page.
How to Update
To install iOS 18.4.1 or iPadOS 18.4.1, go to Settings > General > Software Update on your device. Apple strongly recommends all eligible users update as soon as possible to ensure protection against these vulnerabilities.
As cyber threats continue to evolve, Apple’s swift response to these zero-day exploits underscores the critical role of timely updates in safeguarding user privacy and security.
#Apple #Cyber_Security #Cyber_Security_News #iOS #Zero-Day
Оригинальная версия на сайте:
2 Apple Iphone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks
Author: Balaji NApple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone.
The vulnerabilities, identified in the CoreAudio and RPAC components, could allow attackers to execute arbitrary code or bypass security protections on affected devices.
2 Zero Vulnerabilities Under Active Exploitation
CoreAudio Vulnerability
The first vulnerability, tracked as CVE-2025-31200 , resides in CoreAudio, a framework responsible for audio processing on iOS and iPadOS devices.
According to Apple, processing a maliciously crafted media file could trigger a memory corruption issue, potentially leading to code execution.
“Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.”
Apple, in collaboration with Google’s Threat Analysis Group, confirmed reports that this flaw was exploited in an advanced attack targeting select iOS users.
RPAC Vulnerability
The second vulnerability, CVE-2025-31201 , affects RPAC (Return-oriented Programming Attack Countermeasure), a security mechanism designed to protect against exploits.
This flaw could allow an attacker with arbitrary read and write capabilities to bypass Pointer Authentication, a feature that safeguards against code manipulation.
“An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.” Apple said.
Apple noted that this issue was also exploited in the same targeted campaign and has been mitigated by removing the vulnerable code.
Affected Devices and Mitigation
- iPhone XS and later
- iPad Pro 13-inch
- iPad Pro 13.9-inch (3rd generation and later)
- iPad Pro 11-inch (1st generation and later)
- iPad Air (3rd generation and later)
- iPad (7th generation and later)
- iPad mini (5th generation and later)
Targeted Attacks Highlight Growing Threat
While Apple has not disclosed specific details about the attacks, the company described them as “extremely sophisticated” and directed at specific individuals, suggesting a possible state-sponsored or highly resourced threat actor.
Such zero-day exploits, which leverage previously unknown vulnerabilities, are often used in espionage or targeted cyber campaigns due to their complexity and cost.
Apple emphasized its policy of not disclosing security issues until patches are available to protect users.
The company’s security release notes, published on April 16, 2025, provide detailed information about the vulnerabilities and affected devices. For more information on Apple’s security practices, users can visit the Apple Product Security page.
How to Update
To install iOS 18.4.1 or iPadOS 18.4.1, go to Settings > General > Software Update on your device. Apple strongly recommends all eligible users update as soon as possible to ensure protection against these vulnerabilities.
As cyber threats continue to evolve, Apple’s swift response to these zero-day exploits underscores the critical role of timely updates in safeguarding user privacy and security.
#Apple #Cyber_Security #Cyber_Security_News #iOS #Zero-Day
Оригинальная версия на сайте:
