CVE-2025-31201

ENISA EUVD: EUVD-2025-11381 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 7 articles Published: 2025-04-16

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

1.94%

probability

This CVE has a 1.94% probability of being exploited in the next 30 days.

0% Top 83.7th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

9.8

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Affected Products

Apple

iOS and iPadOS

Apple

macOS

Apple

tvOS

Apple

visionOS

apple

macos

apple

tvos

apple

visionos

apple

ipados

apple

iphone os

Apple

tvOS

0 <18.4.1

Apple

tvOS

unspecified <18.4

Apple

iOS and iPadOS

0 <18.4.1

Apple

macOS

0 <15.4.1

Apple

visionOS

0 <2.4.1

Apple

visionOS

unspecified <2.4

Apple

macOS

unspecified <15.4

Apple

iOS iOS and iPadOS

unspecified <18.4

Attack Intelligence

CWE-1220 · Insufficient Granularity of Access Control CWE-284 · Improper Access Control

Google Project Zero

Patched

April 16, 2025

Reported by

Apple

https://support.apple.com/en-us/122282

https://support.apple.com/en-us/122400

https://support.apple.com/en-us/122401

https://support.apple.com/en-us/122402

Signal Intelligence

Confidenceⓘ

92%

EPSS 1.94%

CVSS v3.1 9.8

Mentions 7

Last Seen Dec 13, 2025

CNA Information

CNA Assigner

apple

Analyst Note

This Pointer Authentication bypass vulnerability in visionOS receives a CONFIRMED status due to strong evidence: Apple's official acknowledgment of active exploitation in sophisticated targeted attacks, a critical CVSS 3.0 score of 9.8, confirmed fix across multiple Apple platforms, and reporting from reputable cybersecurity sources including Google Project Zero involvement. The vulnerability has been actively exploited in the wild prior to patching.

Threat Actors 7

Hacking Team

apt_group 🇮🇹 IT

Tick

apt_group Information theft and espionage 🇨🇳 CN

Infy

apt_group Information theft and espionage 🇮🇷 IR

Operation Red Signature

apt_group Information theft and espionage 🇨🇳 CN

Mana Team

apt_group 🇨🇳 CN

Operation Triangulation

apt_group Information theft and espionage 🇷🇺 RU

Lurk

apt_group Financial crime 🇷🇺 RU

Triage Info

Decided atMar 03, 2026

Published DateApr 16, 2025