CVE-2025-31201

Name of the Vulnerable Software and Affected Versions Apple products (affected versions not specified) iOS versions prior to 18.4.1 iPadOS versions prior to 18.4.1 macOS Sequoia versions prior to 15.4.1 tvOS versions prior to 18.4.1 visionOS versions prior to 2.4.1

Description This issue involves a flaw in the Reconfigurable Processing Architecture Core (RPAC), a hardware component in newer Apple Silicon chips. The issue allows an attacker with arbitrary read and write capabilities to bypass Apple's Pointer Authentication Code (PAC), potentially enabling arbitrary memory access. Apple is aware of reports indicating this issue was exploited in extremely sophisticated attacks targeting specific individuals on iOS devices. The vulnerability was addressed by removing the vulnerable code.

Recommendations Update iOS to version 18.4.1. Update iPadOS to version 18.4.1. Update macOS Sequoia to version 15.4.1. Update tvOS to version 18.4.1. Update visionOS to version 2.4.1.