Description
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
Published: 2025-05-12
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Kernel memory corruption causing system termination
Action: Apply patch
AI Analysis

Impact

The vulnerability is a buffer overflow (CWE-119) that can lead to corruption of kernel memory, potentially causing the system to terminate unexpectedly. An attacker may trigger this flaw by delivering crafted input that exploits improper memory handling, resulting in kernel memory corruption.

Affected Systems

Apple devices running iOS earlier than 18.5, iPadOS earlier than 18.5 or 17.7.7, macOS versions before Sequoia 15.5, Sonoma 14.7.6, Ventura 13.7.6, tvOS before 18.5, visionOS before 2.5, and watchOS before 11.5 are vulnerable because the firmware does not include the enhanced memory safety fixes introduced in the listed newer releases.

Risk and Exploitability

The CVSS score of 7.1 indicates a moderate‑to‑high severity. The EPSS score below 1% suggests that exploitation in the wild is currently rare. This vulnerability is not listed in CISA's KEV catalog. The attack vector is not defined in the supplied data; it is not clear whether local or remote access is required to trigger the memory corruption, so the exact exposure remains unknown.

Generated by OpenCVE AI on April 28, 2026 at 22:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Apple operating system release that includes the memory‑handling fix, such as iOS 18.5, iPadOS 18.5/17.7.7, macOS Sequoia 15.5, Sonoma 14.7.6, Ventura 13.7.6, tvOS 18.5, visionOS 2.5 or watchOS 11.5.
  • If an update cannot be applied immediately, isolate the affected device on a segmented network and enforce strict access controls to limit exposure to the vulnerable component.
  • Continuously monitor system logs for abnormal kernel crashes or suspicious memory access patterns, and apply any additional hardening recommendations from Apple to reduce the likelihood of exploitation.

Generated by OpenCVE AI on April 28, 2026 at 22:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-14506 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
History

Tue, 28 Apr 2026 23:15:00 +0000

Type Values Removed Values Added
Title Memory Corruption Vulnerability Leading to System Termination in Apple Operating Systems

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kernel memory. The issue was addressed with improved memory handling. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 27 May 2025 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple tvos
Apple visionos
Apple watchos
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple tvos
Apple visionos
Apple watchos

Tue, 13 May 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 12 May 2025 21:45:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
References

Subscriptions

Apple Ipados Iphone Os Macos Tvos Visionos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:29.099Z

Reserved: 2025-03-27T16:13:58.317Z

Link: CVE-2025-31219

cve-icon Vulnrichment

Updated: 2025-11-03T19:49:49.048Z

cve-icon NVD

Status : Modified

Published: 2025-05-12T22:15:22.703

Modified: 2026-04-02T19:19:49.687

Link: CVE-2025-31219

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T23:00:13Z

Weaknesses