HTTP: Apple macOS CoreAudio mRemappingArray Memory Corruption

This signature detects attempts to exploit a known vulnerability against Apple macOS. A successful attack can lead to arbitrary code execution.

Extended Description

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Affected Products

Apple b'macos'

References

CVE: CVE-2025-31200

Short Name
HTTP:STC:APPLEOS-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2025-31200 CoreAudio Corruption Memory mRemappingArray macOS
Release Date
06/20/2025
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3819
False Positive
Unknown
Vendors

Apple

Found a potential security threat?