Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-31213

A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access associated usernames and websites in a user's iCloud Keychain.

Published

2025-05-12T22:15:22.257

Last Modified

2025-11-03T20:18:18.247

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.6 (HIGH)

Weaknesses

Type: Secondary
CWE-532

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	apple	ipados	< 17.7.7	Yes
Operating System	apple	macos	< 13.7.6	Yes
Operating System	apple	macos	< 14.7.6	Yes
Operating System	apple	macos	< 15.5	Yes

References

https://support.apple.com/en-us/122405 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122716 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122717 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122718 Release Notes, Vendor Advisory ([email protected])
http://seclists.org/fulldisclosure/2025/May/6 (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2025/May/7 (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2025/May/8 (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2025/May/9 (af854a3a-2127-422b-91ae-364da2661108)