Known Exploited Vulnerabilities CVE-2025-31200

Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability exploitation_technique T1203 Exploitation for Client Execution
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability primary_impact T1105 Ingress Tool Transfer
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability secondary_impact T1562 Impair Defenses
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability secondary_impact T1106 Native API
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability secondary_impact T1059 Command and Scripting Interpreter
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability secondary_impact T1001 Data Obfuscation
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References
CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability secondary_impact T1557 Adversary-in-the-Middle
Comments
A strategic zero-click iMessage exploit chain (CVE-2025-31200 / 31201) has been reported as compromising targeted devices with Paragon's Graphite spyware. Observed impacts include Secure Enclave key exfiltration, silent wallet theft, C2 infrastructure, and persistent C2 communication.
References