Sensitive User Data Exposure in Apple Products
CVE-2025-31191

5.5MEDIUM

Key Information:

Vendor
Apple
Status
TV OS
iOS And iPad OS
Mac OS
Vendor
CVE Published:
31 March 2025

Summary

An issue has been identified that allows an app to potentially gain unauthorized access to sensitive user data due to improper state management. Apple has addressed this issue in several updates, reinforcing security measures in macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, and macOS Sonoma 14.7.5.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

macOS < 14.7

References

https://support.apple.com/en-us/122377
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122373

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.