Multiple Oracle Products Vulnerabilities
April 28, 2025
Multiple Microsoft Products Vulnerabilities
April 28, 2025
Severity
High
Analysis Summary
CVE-2023-42977 CVSS:7.8
Apple macOS, iOS and iPadOS could allow a remote attacker to break out of the sandbox, caused by a path handling issue in the Power Services component.
CVE-2025-31200 CVSS:7.5
Apple tvOS, visionOS, iOS, iPadOS and macOS Sequoia could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the CoreAudio component when opening a specially crafted media file.
Impact
- Security Bypass
- Code Execution
Indicators of Compromise
CVE
CVE-2023-42977
CVE-2025-31200
Affected Vendors
- Apple
Affected Products
- Apple macOS Ventura
- Apple iOS and iPadOS - 16
- Apple visionOS - 2.4.0
- Apple iOS - 18.4.0
- Apple tvOS - 18.4.0
- Apple macOS Sequoia - 15.4.0
- Apple iPadOS - 18.4.0
Remediation
Refer to the Apple Security Advisory for patch, upgrade, or suggested workaround information.