CVE-2025-24141

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.3 iPadOS versions prior to 18.3

Description An authentication issue was addressed with improved state management. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked. The issue is related to the Accessibility component and its authorization mechanism, which may allow an attacker to gain unauthorized access to protected information.

Recommendations For iOS versions prior to 18.3, update to iOS 18.3 to resolve the issue. For iPadOS versions prior to 18.3, update to iPadOS 18.3 to resolve the issue. As a temporary workaround, consider restricting physical access to devices to minimize the risk of exploitation.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

BDU:2025-01557

CVE-2025-24141

Affected Products

Ios

Ipados

CVE-2025-24141

Weakness Enumeration

Related Identifiers

Affected Products

References · 8