mirror of
https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201.git
synced 2026-02-12 12:53:05 +00:00
Update README.md
Cleaning up
This commit is contained in:
Joseph Goydish II
committed by
GitHub
GitHub
parent
36bb7d1a0b
commit
bb1a514e96
@@ -27,7 +27,7 @@ In post‑pivot testing, misuse of CryptoTokenKit signing operations was observe
|
||||
- **Propagation conditions:** Peer token reuse across AWDL observed; potential cross-device risk if token caches survive
|
||||
## Scope of Impact
|
||||
|
||||
- **Affected:** iOS ≤ 18.4
|
||||
- **Affected:** iOS 18.4 and below
|
||||
- **Patched:** iOS 18.4.1 (Apr 16, 2025) — fixes CVE‑2025‑31200, CVE‑2025‑31201
|
||||
- **Vector:** Zero‑click iMessage/SMS from known sender (bypasses BlastDoor/Blackhole)
|
||||
- **Primary component:** AudioConverterService (CoreAudio AAC decoder) → AppleBCMWLAN.dext (kernel escalation)
|
||||
|
||||
Reference in New Issue
Block a user