Login Sign Up

CVE-2025-31219

7.1 HIGH
Denial of Service

📋 TL;DR

This is a memory corruption vulnerability in Apple operating systems that could allow an attacker to cause system crashes or corrupt kernel memory. It affects multiple Apple platforms including iOS, macOS, watchOS, tvOS, and visionOS. Users running affected versions are vulnerable to potential denial of service attacks.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • watchOS
  • tvOS
  • visionOS
Versions: Versions prior to watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5, iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6
Operating Systems: Apple iOS, Apple iPadOS, Apple macOS, Apple watchOS, Apple tvOS, Apple visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard configurations of affected Apple operating systems are vulnerable. No special configuration required for exploitation.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

Visionos by Apple

View all CVEs affecting Visionos →

Watchos by Apple

View all CVEs affecting Watchos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to system compromise, potential privilege escalation, or persistent denial of service requiring hardware reset.

🟠

Likely Case

System crash or unexpected termination causing temporary denial of service and potential data loss in unsaved applications.

🟢

If Mitigated

No impact if patched; unpatched systems remain vulnerable to crashes but with proper network controls, remote exploitation risk is reduced.

🌐 Internet-Facing: MEDIUM - While the vulnerability could be exploited remotely, Apple's security architecture provides some protection layers.
🏢 Internal Only: MEDIUM - Internal attackers with local access could potentially exploit this vulnerability to cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Memory corruption vulnerabilities typically require some level of sophistication to exploit reliably. The CWE-119 classification suggests improper memory handling that could be leveraged by skilled attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6

Vendor Advisory: https://support.apple.com/en-us/122404

Restart Required: Yes

Instructions:

1. Open Settings app. 2. Navigate to General > Software Update. 3. Download and install the latest available update. 4. Restart the device when prompted.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to vulnerable Apple devices to reduce attack surface

Application Whitelisting

all

Limit which applications can run on affected devices to reduce potential attack vectors

🧯 If You Can't Patch

  • Isolate affected devices from untrusted networks and internet access
  • Implement strict monitoring for system crashes or unexpected reboots

🔍 How to Verify

Check if Vulnerable:

Check current OS version in Settings > General > About on iOS/iPadOS or Apple menu > About This Mac on macOS

Check Version:

On macOS: sw_vers -productVersion. On iOS/iPadOS: Check in Settings > General > About > Version

Verify Fix Applied:

Verify OS version matches or exceeds patched versions listed in fix_official.patch_version

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Unexpected system reboots
  • Crash reports in Console.app

Network Indicators:

  • Unusual network traffic patterns to/from Apple devices
  • Multiple connection attempts to device services

SIEM Query:

source="apple_system_logs" AND (event="kernel_panic" OR event="system_crash" OR message="panic")

📊 Metadata

CVE ID: CVE-2025-31219
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CWE: CWE-119
EPSS Score: 0.16% exploit probability (37.3th percentile)
Published: May 12, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-31219, you might also want to check these:

CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthen...

Same vulnerability type (CWE-119)
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated...

Same vulnerability type (CWE-119)
CVE-2026-2776 10.0

This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect ...

Same vulnerability type (CWE-119)