CVE-2025-31241 | ByteOS Network

Vulnerability Details :

CVE-2025-31241

Assigner-apple

Assigner Org ID-286789f9-fbc2-4510-9f9a-43facdede74c

Published At-12 May, 2025 | 21:43

Updated At-14 Aug, 2025 | 21:01

A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:apple

Assigner Org ID:286789f9-fbc2-4510-9f9a-43facdede74c

Published At:12 May, 2025 | 21:43

Updated At:14 Aug, 2025 | 21:01

▼CVE Numbering Authority (CNA)

A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.

Affected Products

Vendor

Product

Versions

Affected

From unspecified before 18.5 (custom)

Vendor

Product

Versions

Affected

From unspecified before 15.5 (custom)

Vendor

Product

Versions

Affected

From unspecified before 17.7 (custom)

Vendor

Product

Versions

Affected

From unspecified before 18.5 (custom)

Vendor

Product

Versions

Affected

From unspecified before 14.7 (custom)

Vendor

Product

Versions

Affected

From unspecified before 2.5 (custom)

Vendor

Product

Versions

Affected

From unspecified before 11.5 (custom)

Vendor

Product

Versions

Affected

From unspecified before 13.7 (custom)

Problem Types

Type	CWE ID	Description
N/A	N/A	A remote attacker may cause an unexpected app termination

Type: N/A

CWE ID: N/A

Description: A remote attacker may cause an unexpected app termination

References

Hyperlink	Resource
https://support.apple.com/en-us/122720	N/A
https://support.apple.com/en-us/122716	N/A
https://support.apple.com/en-us/122405	N/A
https://support.apple.com/en-us/122404	N/A
https://support.apple.com/en-us/122717	N/A
https://support.apple.com/en-us/122721	N/A
https://support.apple.com/en-us/122722	N/A
https://support.apple.com/en-us/122718	N/A

Hyperlink: https://support.apple.com/en-us/122720

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122716

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122405

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122404

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122717

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122721

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122722

Resource: N/A

Hyperlink: https://support.apple.com/en-us/122718

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-415	CWE-415 Double Free

Type: CWE

CWE ID: CWE-415

Description: CWE-415 Double Free

Metrics

Version	Base score	Base severity	Vector
3.1	5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Version: 3.1

Base score: 5.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Metrics Other Info

▼National Vulnerability Database (NVD)

Source:product-security@apple.com

Published At:12 May, 2025 | 22:15

Updated At:27 May, 2025 | 21:26

A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Type: Secondary

Version: 3.1

Base score: 5.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CPE Matches

>>ipados>>Versions before 17.7.7(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

>>ipados>>Versions from 18.0(inclusive) to 18.5(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

>>iphone_os>>Versions before 18.5(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

>>macos>>Versions before 13.7.6(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

>>macos>>Versions from 14.0(inclusive) to 14.7.6(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

>>macos>>Versions from 15.0(inclusive) to 15.5(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

>>tvos>>Versions before 18.5(exclusive)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

>>visionos>>Versions before 2.5(exclusive)

cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

>>watchos>>Versions before 11.5(exclusive)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-415	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-415

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://support.apple.com/en-us/122404	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122405	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122716	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122717	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122718	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122720	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122721	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/122722	product-security@apple.com	Release Notes Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122404

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122405

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122716

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122717

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122718

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122720

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122721

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/122722

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory