CVE-2025-31233

The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.

CVSS v3 6.3 MEDIUM

6.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/122404
https://support.apple.com/en-us/122405
https://support.apple.com/en-us/122716
https://support.apple.com/en-us/122717
https://support.apple.com/en-us/122718
https://support.apple.com/en-us/122720
https://support.apple.com/en-us/122721
https://support.apple.com/en-us/122722

Configurations

No configuration.

History

13 May 2025, 19:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.3
CWE		CWE-20
Summary		(es) El problema se solucionó mejorando la limpieza de entrada. Este problema está corregido en watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 y iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5 y macOS Ventura 13.7.6. Procesar un archivo de vídeo manipulado con fines maliciosos puede provocar el cierre inesperado de la aplicación o la corrupción de la memoria del proceso.

12 May 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-12 22:15

Updated : 2025-05-13 19:35

NVD link : CVE-2025-31233

Mitre link : CVE-2025-31233

CVE.ORG link : CVE-2025-31233

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2025-31233", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2025-05-12T22:15:23.683", "references": [{"url": "https://support.apple.com/en-us/122404", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122405", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122716", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122717", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122718", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122720", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122721", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/122722", "source": "product-security@apple.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando la limpieza de entrada. Este problema est\u00e1 corregido en watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 y iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5 y macOS Ventura 13.7.6. Procesar un archivo de v\u00eddeo manipulado con fines maliciosos puede provocar el cierre inesperado de la aplicaci\u00f3n o la corrupci\u00f3n de la memoria del proceso."}], "lastModified": "2025-05-13T19:35:25.503", "sourceIdentifier": "product-security@apple.com"}