5.5

CVE-2025-24117

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPadOS Version < 17.7.4
AppleiPadOS Version >= 18.0 < 18.3
AppleiPhone OS Version < 18.3
ApplemacOS Version < 15.3
ApplevisionOS Version < 2.3
ApplewatchOS Version < 11.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.051
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-922 Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

https://support.apple.com/en-us/122067
Vendor Advisory
Release Notes
https://support.apple.com/en-us/122066
Vendor Advisory
Release Notes
https://support.apple.com/en-us/122068
Vendor Advisory
Release Notes
https://support.apple.com/en-us/122071
Vendor Advisory
Release Notes
https://support.apple.com/en-us/122073
Vendor Advisory
Release Notes