Permissions Issue in Apple Software Products
CVE-2025-31262

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Visionos; TV OS; Mac OS; Watch OS
Vendor: CVE Published:; 19 May 2025

What is CVE-2025-31262?

A permissions issue was identified in various Apple operating systems, allowing apps the potential capability to alter protected sections of the file system. This vulnerability has been addressed with additional restrictions in the latest software updates, ensuring better security and stability across devices. Users are encouraged to update to the latest versions of visionOS 2.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, and tvOS 18.3 to mitigate risks associated with this issue.

Affected Version(s)

iOS and iPadOS < 18.3

macOS < 15.3

tvOS < 18.3

References

https://support.apple.com/en-us/122073

https://support.apple.com/en-us/122072

https://support.apple.com/en-us/122068

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2025
Vulnerability Reserved
Mar 27, 2025