Full Disclosure mailing list archives

Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft


From: josephgoyd via Fulldisclosure <fulldisclosure () seclists org>
Date: Thu, 02 Oct 2025 21:42:10 +0000

Updated repo location: https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201

Working exploit: 
https://www.dropbox.com/scl/fi/oerpnhq1ui3xfswsszfh2/Audio-clip.amr?rlkey=7n54m1o84poezyipxvd2f9slx&st=b1tkonvr&dl=0

On Mon, Jun 9, 2025 at 10:48 PM, josephgoyd via Fulldisclosure <fulldisclosure () seclists org> wrote:

Hello Full Disclosure,

This is a strategic public disclosure of a zero-click iMessage exploit chain that was discovered live on iOS 18.2 and 
remained unpatched through iOS 18.4. It enabled Secure Enclave key theft, wormable remote code execution, and 
undetectable crypto wallet exfiltration. Despite responsible disclosure, the research was suppressed by the vendor. 
Apple issued a silent fix in iOS 18.4.1 (April 2025) without public acknowledgment or credit.

This post establishes authorship, ensures technical transparency, and invites peer review. It is published to resist 
institutional suppression and promote user awareness.

Summary:

- CVEs: CVE-2025-31200 & CVE-2025-31201
- Affected Devices: iPhones running iOS 18.2 through iOS 18.4
- Exploitable at Discovery: Yes (active zero-day on iOS 18.2 at time of report)
- Trigger: Zero-click MP4 with AAC audio sent via iMessage
- Exploit Chain: Blastdoor trust bypass → CoreAudio heap corruption → PAC bypass → Secure Enclave key theft → wormable peer injection
- Impact: Full device compromise, crypto key theft, identity hijacking, peer-to-peer propagation
- Patched: iOS 18.4.1 (quiet release)

Technical Overview:
Apple’s trust model allowed audio messages from known iMessage senders to bypass Blastdoor sandboxing. A crafted MP4 
file with AAC encoding triggered heap corruption in CoreAudio (CVE-2025-31200), leading to RCE. This was chained with 
a malformed AMPDU metadata exploit (CVE-2025-31201) that bypassed Pointer Authentication (PAC), enabling kernel-level 
control.

The exploit chain facilitated:

- Extraction of Secure Enclave–protected keys via CryptoTokenKit
- Forgery of Apple identity sessions
- Silent crypto wallet draining
- Peer injection and lateral device propagation via MultipeerConnectivity

Context & Urgency:
This disclosure parallels recent real-world incidents such as the Oil Engineering crypto theft, where enclave misuse 
and identity spoofing led to material loss. With escalating social engineering threats and trust-channel abuse in 
mobile ecosystems, this case illustrates systemic risk.

Disclosure Timeline:

- Dec 20, 2024 — Live zero-day discovered on iOS 18.2 and reported to Apple (Report ID: OE19648805943313)
- Jan 21, 2025 — Escalated to US-CERT / CISA (Tracking ID: VRF#25-01-MPVDT)
- Apr 11, 2025 — Full exploit chain submitted to Google Project Zero
- Apr 16, 2025 — Quiet patch issued in iOS 18.4.1
- Jun 6, 2025 — Public full disclosure

CVEs Assigned:

- CVE-2025-31200 — Heap corruption in CoreAudio AAC decoder
- CVE-2025-31201 — Kernel escalation via malformed AMPDU metadata (PAC bypass)

Write-Up and Artifacts:
https://weareapartyof1.substack.com/p/the-crypto-heist-apple-kept-quiet

Validation:

- Reproducible on iOS 18.2 and iOS 18.4
- Exploit artifacts verified by independent researchers
- No active payloads or binaries distributed
- Logs, call traces, and affected APIs fully documented

Call for Collaboration:
Researchers are encouraged to reproduce the trust bypass conditions, verify CryptoTokenKit key exposure, and evaluate 
Secure Enclave leakage vectors. I welcome validation, feedback, and partnership on wider threat modeling.

Final Note:
This disclosure creates a permanent public record of suppressed vulnerability research. Apple quietly fixed the 
issue. But they never told you. This record stands for those who weren’t informed, warned, or credited.

Joseph Goydish II
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/