CVE-2025-31224

HIGH

7.8

Description

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to bypass certain Privacy preferences.

Details CVE

Score CVSS v3.17.8

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueLOCAL

ComplexiteLOW

Privileges requisLOW

Interaction utilisateurNONE

Publie5/12/2025

Derniere modification4/2/2026

Sourcenvd

Observations honeypot0

Produits affectes

apple:macos

Faiblesses (CWE)

CWE-693

References

https://support.apple.com/en-us/122716(product-security@apple.com)

https://support.apple.com/en-us/122717(product-security@apple.com)

https://support.apple.com/en-us/122718(product-security@apple.com)

http://seclists.org/fulldisclosure/2025/May/7(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2025/May/8(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2025/May/9(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.