Logging Vulnerability in visionOS and iOS Devices by Apple
CVE-2025-24283

5.5MEDIUM

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Mac OS; Visionos
Vendor: CVE Published:; 31 March 2025

Summary

A significant logging vulnerability has been identified in Apple's visionOS, iOS, iPadOS, and macOS platforms. This issue can potentially allow applications to access sensitive user data due to inadequate data redaction practices. Apple has addressed this flaw in the latest versions of these operating systems: visionOS 2.4, iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4. Users are encouraged to update their devices to safeguard against potential data exposure.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

visionOS < 2.4

References

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122373

https://support.apple.com/en-us/122378

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Jan 17, 2025