CVE-2025-31208

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/122404	Release Notes Vendor Advisory
https://support.apple.com/en-us/122405	Release Notes Vendor Advisory
https://support.apple.com/en-us/122716	Release Notes Vendor Advisory
https://support.apple.com/en-us/122717	Release Notes Vendor Advisory
https://support.apple.com/en-us/122718	Release Notes Vendor Advisory
https://support.apple.com/en-us/122720	Release Notes Vendor Advisory
https://support.apple.com/en-us/122721	Release Notes Vendor Advisory
https://support.apple.com/en-us/122722	Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2025/May/10
http://seclists.org/fulldisclosure/2025/May/12
http://seclists.org/fulldisclosure/2025/May/5
http://seclists.org/fulldisclosure/2025/May/6
http://seclists.org/fulldisclosure/2025/May/8
http://seclists.org/fulldisclosure/2025/May/9

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

No history.

Information

Published : 2025-05-12 22:15

Updated : 2025-11-03 20:18

NVD link : CVE-2025-31208

Mitre link : CVE-2025-31208

CVE.ORG link : CVE-2025-31208

JSON object : View

Products Affected

apple

ipados
iphone_os
tvos
visionos
macos
watchos

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2025-31208", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-05-12T22:15:21.907", "references": [{"url": "https://support.apple.com/en-us/122404", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122405", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122716", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122717", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122718", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122720", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122721", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122722", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2025/May/10", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/May/12", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/May/5", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/May/6", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/May/8", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/May/9", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando las comprobaciones. Este problema est\u00e1 corregido en watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 y iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5 y macOS Ventura 13.7.6. Analizar un archivo puede provocar el cierre inesperado de la aplicaci\u00f3n."}], "lastModified": "2025-11-03T20:18:17.653", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "683ECAF8-DB29-40DB-963A-B95EA2A2AC01", "versionEndExcluding": "17.7.7"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "069735D6-38B4-402A-9E79-1961701C9AD3", "versionEndExcluding": "18.5", "versionStartIncluding": "18.0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653", "versionEndExcluding": "18.5"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A90AA958-60F3-474C-B351-0F143B498B3E", "versionEndExcluding": "13.7.6"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EE6D3FD-8A49-48CF-80A3-0FFC6BA80B99", "versionEndExcluding": "14.7.6", "versionStartIncluding": "14.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7416C76-07EC-4132-A509-E3F62B002CCA", "versionEndExcluding": "15.5", "versionStartIncluding": "15.0"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "519C8A39-A24E-44B7-B1E8-6EF647FEFCA8", "versionEndExcluding": "18.5"}, {"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "047CDCCE-04BB-4D43-9831-7694992C5CC4", "versionEndExcluding": "2.5"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CBDEF1C-6D76-4F9D-8433-3AC16F3860F4", "versionEndExcluding": "11.5"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}