Multiple Apple Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-42977 CVSS:7.8

Apple macOS, iOS and iPadOS could allow a remote attacker to break out of the sandbox, caused by a path handling issue in the Power Services component.

CVE-2025-31200 CVSS:7.5

Apple tvOS, visionOS, iOS, iPadOS and macOS Sequoia could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the CoreAudio component when opening a specially crafted media file.

Impact

Security Bypass
Code Execution

Indicators of Compromise

CVE

CVE-2023-42977
CVE-2025-31200

Affected Vendors

Apple

Affected Products

Apple macOS Ventura
Apple iOS and iPadOS - 16
Apple visionOS - 2.4.0
Apple iOS - 18.4.0
Apple tvOS - 18.4.0
Apple macOS Sequoia- 15.4.0
Apple iPadOS - 18.4.0

Remediation

Refer to Apple Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2023-42977

CVE-2025-31200

Multiple Oracle Products Vulnerabilities

Multiple Microsoft Products Vulnerabilities

Multiple Apple Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan