PT-2025-14001 · Apple · Visionos+5

Alexander Heinrich

Published

2025-03-31

Updated

2025-04-01

CVE-2025-31184

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Safari versions prior to 18.4 visionOS versions prior to 2.4 iOS versions prior to 18.4 iPadOS versions prior to 18.4 macOS Sequoia versions prior to 15.4

Description The issue allows an app to gain unauthorized access to the Local Network due to inadequate permissions checking.

Recommendations For Safari versions prior to 18.4, update to Safari 18.4. For visionOS versions prior to 2.4, update to visionOS 2.4. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For macOS Sequoia versions prior to 15.4, update to macOS Sequoia 15.4.

Fix

LPE

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-281

Related Identifiers

BDU:2025-04471

CVE-2025-31184

Affected Products

Apple Macos

Safari

Ios

Ipados

Macos Sequoia

Visionos

PT-2025-14001 · Apple · Visionos+5

CVE-2025-31184

Weakness Enumeration

Related Identifiers

Affected Products

References · 17