Privacy Issue in iOS and iPadOS by Apple
CVE-2025-31225

7.1HIGH

Key Information:

Vendor: Apple
Status: iOS And iPad OS
Vendor: CVE Published:; 12 May 2025

What is CVE-2025-31225?

A privacy issue was identified in Apple's iOS and iPadOS platforms, where call history from deleted applications could still appear in spotlight search results. This raises concerns about sensitive data exposure even after an app has been removed, potentially putting user privacy at risk. The issue has been addressed in the latest updates, specifically in iOS 18.5 and iPadOS 18.5, ensuring that sensitive information is no longer accessible through search functions.

Affected Version(s)

iOS and iPadOS < 18.5

References

https://support.apple.com/en-us/122404

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2025
Vulnerability Reserved
Mar 27, 2025