CVE-2025-31183

Description

The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Apple / iOS and iPadOS0 – 18.4
Apple / macOS0 – 14.7.5
Apple / macOS0 – 15.4
Apple / tvOS0 – 18.4
Apple / watchOS0 – 11.4

References

VENDOR_ADVISORYhttps://support.apple.com/en-us/122371
VENDOR_ADVISORYhttps://support.apple.com/en-us/122373
VENDOR_ADVISORYhttps://support.apple.com/en-us/122374
VENDOR_ADVISORYhttps://support.apple.com/en-us/122376
VENDOR_ADVISORYhttps://support.apple.com/en-us/122377