Apple’s recently-released C1 modem has gotten some great press, but also appears to have a significant security flaw that requires the installation of iOS 18.5 to fix it.
Per Macworld, with the iOS 18.5 release on Monday, a fix was issued in regards to the iPhone 16e’s C1 modem, where a hacker with network privileges could hijack traffic. Below is the section from the security notes that describes the issue.
The specifics are as follows:
- Impact: An attacker in a privileged network position may be able to intercept network traffic
- Description: This issue was addressed through improved state management.
- CVE-2025-31214: 秦若涵, 崔志伟, and 崔宝江
- The corresponding CVE record in the CVE database is still listed as reserved and will be made public once it has been updated.
Considering the speed of which Apple released the patch—the phone has only been out for less than three months—it appears to be a serious issue.
Along with the C1 fix, iOS 18.5 includes some 30 security patches ranging from AppleJPEG to WebKit. It’s recommended that the update be installed immediately.
The iOS 18.5 update can be located, downloaded, and installed by navigating to Settings > General > Software Update and following the prompts. The iPhone will need to restart, so plan your iPhone usage accordingly.
Stay tuned for additional details as they become available.
Via Macworld and support.apple.com