# Phase 2 — Flagship Case Selection

Selection criteria (from the brief): most external anchors already visible, confirmation email available, defensible role statement, strongest credibility signal on a name lookup.

## Track B — Flagship #1 (strongest in dataset)

### **CVE-2025-31200 / CVE-2025-31201 — CoreAudio decode RCE + RPAC bypass chain**

**Why this is the flagship.** A single CISA Authorized Data Publisher (ADP) write to NVD at `2025-11-24T15:15:47.917Z` simultaneously:

- removed the prior CVSS v3.1 vector,
- added the new CVSS v3.1 vector `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` → base 9.8,
- added a Reference to `https://github.com/cisagov/vulnrichment/issues/200` (your issue),
- added a Reference to `https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201/blob/main/Remote%20Crypto%20Attack%20Chain%20.md` (your repo).

That ADP source UUID is `134c704f-9b21-4f2e-91b3-4a467353bcc0` — CISA, not you. The action is logged by NVD, not you. The vulnrichment issue `#200` is closed by CISA on `2025-11-24T14:46:17Z`, ~30 minutes before the rescore. That timing chain is independently reconstructible by any third party via the NVD CVE History API and the public GitHub issue timeline.

**Honest role statement.** "Contributed to CISA ADP CVSS impact reassessment for CVE-2025-31200 and CVE-2025-31201 via `cisagov/vulnrichment` issue #200. The CISA ADP referenced the JGoyd research repository as a third-party advisory and the GitHub issue as issue-tracking on the NVD records. Original vulnerability discovery is credited by Apple to another reporter."

**Do not claim.** Original discovery. Apple-acknowledged finder. Exploit author.

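
The reconstruction of the Flagship #1 timing chain can be scripted over a saved NVD CVE History API response. This is an added example, not part of the original plan or of any NVD/CISA tooling; the sample response is constructed, and the `details` type strings, the old-vector value and the first event are assumptions or placeholders.

```python
import json
from datetime import datetime, timezone

# Values quoted on this page.
ADP_UUID = "134c704f-9b21-4f2e-91b3-4a467353bcc0"
ISSUE_URL = "https://github.com/cisagov/vulnrichment/issues/200"
ISSUE_CLOSED = "2025-11-24T14:46:17Z"

# Constructed sample shaped like a cvehistory/2.0 response. The first event and
# the old vector are placeholders, not data retrieved from NVD.
SAMPLE = json.dumps({"cveChanges": [
    {"change": {"sourceIdentifier": "placeholder-source", "created": "2025-04-17T00:00:00.000",
                "details": [{"action": "Added", "type": "Reference",
                             "newValue": "https://support.apple.com/en-us/122282"}]}},
    {"change": {"sourceIdentifier": ADP_UUID, "created": "2025-11-24T15:15:47.917",
                "details": [
                    {"action": "Removed", "type": "CVSS V3.1", "oldValue": "PLACEHOLDER-OLD-VECTOR"},
                    {"action": "Added", "type": "CVSS V3.1",
                     "newValue": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},
                    {"action": "Added", "type": "Reference", "newValue": ISSUE_URL}]}}]})

def parse_utc(ts):
    """Treat both NVD timestamps (no zone suffix) and GitHub ones ('Z') as UTC."""
    return datetime.fromisoformat(ts.rstrip("Z")).replace(tzinfo=timezone.utc)

def find_atomic_rescore(history_json, source_id, reference_url):
    """Return the one change event from source_id that removes a CVSS v3.1 vector,
    adds one, and adds reference_url; None if no single event does all three."""
    for entry in json.loads(history_json).get("cveChanges", []):
        change = entry.get("change", {})
        if change.get("sourceIdentifier") != source_id:
            continue
        details = change.get("details", [])
        seen = {(d.get("action"), d.get("type")) for d in details}
        refs = {d.get("newValue") for d in details
                if d.get("action") == "Added" and d.get("type") == "Reference"}
        if {("Removed", "CVSS V3.1"), ("Added", "CVSS V3.1")} <= seen and reference_url in refs:
            return change
    return None

def minutes_after_close(change, closed_at=ISSUE_CLOSED):
    """Minutes between the GitHub issue closing and the NVD change event."""
    return (parse_utc(change["created"]) - parse_utc(closed_at)).total_seconds() / 60

if __name__ == "__main__":
    hit = find_atomic_rescore(SAMPLE, ADP_UUID, ISSUE_URL)
    print(hit["created"], round(minutes_after_close(hit), 1))
```

Requiring all three changes inside one event is what distinguishes an atomic ADP write from the same edits arriving separately under different source identifiers.
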
**External anchors (all third-party-controlled):**

- NVD CVE record: https://nvd.nist.gov/vuln/detail/CVE-2025-31200
- NVD CVE History API: https://services.nvd.nist.gov/rest/json/cvehistory/2.0?cveId=CVE-2025-31200
- CISA vulnrichment issue: https://github.com/cisagov/vulnrichment/issues/200
- Apple advisory: https://support.apple.com/en-us/122282
- CISA KEV catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31200

**Confirmation-email artifacts to publish (if held):**

- Vendor (Apple Product Security) acknowledgement, if any, of the analysis material you sent → `.eml`
- CERT/CC VINCE or VRF acknowledgement for the chain analysis → `.eml`
- (CISA does not typically send DKIM-confirming emails for vulnrichment issue closures; the GitHub issue audit log + NVD API serve that role.)

---

## Track B — Flagship #2 (secondary)

### **CVE-2025-24085 / CVE-2025-24201 — Glass Cage iOS 18 chain (CoreMedia UAF + WebKit OOB write)**

**Why this is the second flagship.** Same ADP-pattern as Flagship #1 but slightly weaker because:

- The ADP rescore (2025-11-12) raised the CVSS to **10.0** and added vulnrichment#194 as Issue-Tracking,
- but the JGoyd repo `Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201` is referenced under the generic `af854a3a-…` NVD source ID, not directly under the CISA ADP UUID.

Still externally anchored, just by NVD's generic ingest rather than by ADP atomic write.

**Honest role statement.** "Submitted CVSS impact-reassessment request via `cisagov/vulnrichment` issue #194. CISA ADP raised the CVSS to 10.0 within 24 hours of issue closure. The JGoyd Glass Cage research repository is listed on the NVD record as a Third-Party Advisory."

**External anchors:**

- NVD records (×2), vulnrichment#194, Apple advisories, CISA KEV.

---

## Track A — Flagship (strongest "agency-controlled anchor" candidate)

### **A-09 — Lithuania, Panevėžio OTNK skyrius — Pre-trial investigation `01-1-03450-26`**

(with **A-08 Slovakia** as a fallback if the Lithuania receipt PDF is not e-signed)

**Why this is the Track-A flagship.** This is the closest to the task description's literal example ("agency PGP-signed / electronically-signed confirmation that submission was added to criminal case file #01-1-03450-26"). Three structural strengths:

1. **A specific, numbered, pre-trial criminal investigation file** — `01-1-03450-26` — opened by a sovereign prosecutor's office. The case-file number is itself the anchor; if a journalist asks Panevėžys Regional Prosecutor's Office whether file `01-1-03450-26` exists and whether your IBPS document number `IBPS-S-248320-26` is registered, they get a yes/no answer from the agency, independent of you.
2. **The Lithuanian IBPS (Integruota baudžiamojo proceso sistema) issues machine-signed receipts** — these are PAdES/CAdES-signed PDFs verifiable in any PDF signature validator without trusting you.
3. **No public adjudication exists yet** — so the framing is honest: filed, accepted into a case file, *not* an adjudication of the underlying allegations. That is exactly the disclaimer the brief requires.

**Honest role statement.** "On 2026-04-30, I submitted material to the Panevėžys Regional Prosecutor's Office, Organized Crime and Corruption Investigation Division (Panevėžio OTNK skyrius). The office's IBPS system issued document registration number `IBPS-S-248320-26`, and the material was added to pre-trial criminal investigation file `01-1-03450-26`. Filing and acceptance into a pre-trial investigation file is **not** an adjudication of the underlying claims."

**Backup (Slovakia, A-08).** If for any reason the Lithuania receipt cannot be safely redacted-and-published (e.g., it contains witness identifiers), publish Slovakia instead: `genpro.gov.sk` tracking `260428070422263` with the PAdES-signed "Potvrdenka po úplnom overení" receipt PDF.

**OLAF (A-04) is *not* the flagship**, despite the BBC/Reuters coverage, because the publicly confirmed OLAF investigation predates the user's submission and therefore the user cannot be claimed as cause. It is still an excellent secondary anchor.

---

## What gets built first as a publication-ready proof package

1. **`/evidence/TRACK-B-CVE-2025-31200-CVE-2025-31201/`** — built around the NVD CVE-History atomic write as the primary anchor; the vendor/CERT acknowledgement email (if held) becomes the secondary cryptographic artifact.
2. **`/evidence/TRACK-A-LT-CASE-01-1-03450-26/`** — built around the IBPS-signed receipt PDF as the primary anchor; the prosecutor-office acknowledgement email (if held) becomes the secondary artifact.

Everything else stays in the ledger at PARTIAL or PENDING status until its own anchor is produced.