Data Container Access Vulnerability in Apple Software Products
CVE-2025-31183

9.8CRITICAL

Key Information:

Vendor: Apple
Status: TV OS; iOS And iPad OS; Mac OS
Vendor: CVE Published:; 31 March 2025

Summary

A vulnerability has been identified that allows applications to potentially access sensitive user data due to insufficient restrictions on data container access. This issue has been addressed in various Apple operating systems, including macOS Sonoma, iOS, iPadOS, and tvOS. Users are encouraged to update their devices to the latest versions to protect sensitive information.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

macOS < 14.7

References

https://support.apple.com/en-us/122377

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122373

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Mar 27, 2025