Local Network Vulnerability in Apple Products Leading to Information Leakage
CVE-2025-24270

5.7MEDIUM

Key Information:

Vendor
Apple
Status
TV OS
iOS And iPad OS
iPad OS
Mac OS
Vendor
CVE Published:
29 April 2025

Summary

A vulnerability in certain Apple operating systems has been identified that allows an attacker on the same local network to potentially leak sensitive user information. Apple has addressed this issue by removing the vulnerable code in recent updates. Users are encouraged to update their devices to the latest versions to ensure protection against this vulnerability.

Affected Version(s)

iOS and iPadOS < 18.4

iPadOS < 17.7

macOS < 15.4

References

https://support.apple.com/en-us/122377
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122372

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2025-24270 : Local Network Vulnerability in Apple Products Leading to Information Leakage | SecurityVulnerability.io