Data Access Vulnerability in Apple iOS and iPadOS Products
CVE-2025-24221

7.5HIGH

Key Information:

Vendor: Apple
Status: iOS And iPad OS; iPad OS; Visionos
Vendor: CVE Published:; 31 March 2025

Summary

A security issue has been identified in Apple’s iOS and iPadOS platforms that may lead to unauthorized access to sensitive keychain data via an iOS backup. Improvements have been made to data access restrictions to enhance security in the latest versions, specifically iOS 18.4, iPadOS 18.4, iPadOS 17.7.6, and visionOS 2.4. Users are advised to update their devices to these versions to mitigate potential risks.

Affected Version(s)

iOS and iPadOS < 18.4

iPadOS < 17.7

visionOS < 2.4

References

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122372

https://support.apple.com/en-us/122378

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Jan 17, 2025