Logic Issue in Apple’s iOS and iPadOS Affects Hidden Photos Security
CVE-2025-31185

3.3LOW

Key Information:

Vendor

Apple

Vendor
CVE Published:
19 May 2025

What is CVE-2025-31185?

A vulnerability in Apple’s iOS and iPadOS systems allows unauthorized access to images stored in the Hidden Photos Album due to a logical error in the authentication process. Users may find their private images susceptible to exposure without adequate security measures, making it essential for device owners to update to the latest versions, iOS 18.3 and iPadOS 18.3, to mitigate this risk.

Affected Version(s)

iOS and iPadOS < 18.3

References

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.