CVE-2025-31183
Published: 31 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-31183 is a vulnerability involving improper restriction of data container access, which allows an app to access sensitive user data. It affects Apple's iOS and iPadOS prior to version 18.4, macOS Sequoia prior to 15.4, macOS Sonoma prior to 14.7.5, tvOS prior to 18.4, and watchOS prior to 11.4. Published on March 31, 2025, the issue is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Entity) and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity.
An attacker can exploit this vulnerability remotely over the network with low complexity, requiring no privileges or user interaction. Exploitation enables an app to access sensitive user data, resulting in high impacts to confidentiality, integrity, and availability.
Apple addressed the issue through improved restriction of data container access in the following releases: iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, and watchOS 11.4. Security advisories providing further details are available at https://support.apple.com/en-us/122371, https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122376, and https://support.apple.com/en-us/122377.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability directly enables unauthorized access to sensitive user data stored in local data containers on the system, mapping to T1005 Data from Local System.