Permissions Issue in macOS Sequoia by Apple
CVE-2025-31231

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 29 May 2025

What is CVE-2025-31231?

A permissions issue in macOS Sequoia allows apps to potentially access sensitive location information without proper user consent. This vulnerability highlights the importance of robust restrictions to protect user data from unauthorized access, addressing the oversight with an update in macOS Sequoia 15.4.

Affected Version(s)

macOS < 15.4

References

https://support.apple.com/en-us/122373

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2025
Vulnerability Reserved
Mar 27, 2025