Input Sanitization Flaw in Apple Products
CVE-2025-31234

8.2HIGH

Key Information:

Vendor: Apple
Status: TV OS; Mac OS; iOS And iPad OS; Visionos
Vendor: CVE Published:; 12 May 2025

What is CVE-2025-31234?

This vulnerability arises from inadequate input sanitization, which could potentially allow an attacker to exploit the flaw, leading to unexpected system termination or corruption of kernel memory. Apple has addressed this issue in several recent updates across multiple platforms, including visionOS, iOS, iPadOS, macOS, and tvOS, emphasizing the importance of maintaining updated software to enhance security.

Affected Version(s)

iOS and iPadOS < 18.5

macOS < 15.5

tvOS < 18.5

References

https://support.apple.com/en-us/122720

https://support.apple.com/en-us/122716

https://support.apple.com/en-us/122404

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2025
Vulnerability Reserved
Mar 27, 2025