CVE-2025-31251

The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/122404
https://support.apple.com/en-us/122405
https://support.apple.com/en-us/122716
https://support.apple.com/en-us/122717
https://support.apple.com/en-us/122718
https://support.apple.com/en-us/122720
https://support.apple.com/en-us/122721
https://support.apple.com/en-us/122722

Configurations

No configuration.

History

14 May 2025, 15:15

Type	Values Removed	Values Added
CWE		CWE-400
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

13 May 2025, 19:35

Type	Values Removed	Values Added
Summary		(es) El problema se solucionó mejorando la limpieza de entrada. Este problema está corregido en watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 y iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5 y macOS Ventura 13.7.6. Procesar un archivo multimedia manipulado con fines maliciosos puede provocar el cierre inesperado de la aplicación o la corrupción de la memoria del proceso.

12 May 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-12 22:15

Updated : 2025-05-14 15:15

NVD link : CVE-2025-31251

Mitre link : CVE-2025-31251

CVE.ORG link : CVE-2025-31251

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2025-31251", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-05-12T22:15:25.167", "references": [{"url": "https://support.apple.com/en-us/122404", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122405", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122716", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122717", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122718", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122720", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122721", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122722", "source": "product-security@apple.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando la limpieza de entrada. Este problema est\u00e1 corregido en watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 y iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5 y macOS Ventura 13.7.6. Procesar un archivo multimedia manipulado con fines maliciosos puede provocar el cierre inesperado de la aplicaci\u00f3n o la corrupci\u00f3n de la memoria del proceso."}], "lastModified": "2025-05-14T15:15:58.073", "sourceIdentifier": "product-security@apple.com"}