CVE-2025-31191 – This CVE describes an information disclosure vu... (How to Fix)

Q: What is the severity of CVE-2025-31191?

CVE-2025-31191 has a CVSS score of 5.5 (MEDIUM). This CVE describes an information disclosure vulnerability in Apple operating systems where an app could access sensitive user data due to improper state management. The vulnerability affects macOS, tvOS, iOS, and iPadOS users running outdated versions. Apple has addressed this through improved state management in security updates.

📋 TL;DR

This CVE describes an information disclosure vulnerability in Apple operating systems where an app could access sensitive user data due to improper state management. The vulnerability affects macOS, tvOS, iOS, and iPadOS users running outdated versions. Apple has addressed this through improved state management in security updates.

💻 Affected Systems

Products:

macOS
tvOS
iOS
iPadOS

Versions: Versions prior to macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5

Operating Systems: macOS, tvOS, iOS, iPadOS

Default Config Vulnerable: ⚠️ Yes

Notes: All devices running affected versions are vulnerable by default. The vulnerability requires app installation/execution.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Malicious app could access sensitive user data including personal information, credentials, or private files stored on the device.

🟠

Likely Case

Malicious apps in the App Store or sideloaded apps could access limited sensitive data within their sandbox boundaries.

🟢

If Mitigated

With proper app sandboxing and security controls, impact would be limited to data accessible within the app's permissions.

🌐 Internet-Facing: LOW - This is primarily a local app vulnerability, not directly exploitable over the internet.

🏢 Internal Only: MEDIUM - Malicious apps could exploit this locally on affected devices within an organization.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires a malicious app to be installed on the target device. No public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5

Vendor Advisory: https://support.apple.com/en-us/122371

Restart Required: Yes

Instructions:

1. Open Settings/System Preferences. 2. Navigate to Software Update. 3. Install the latest available update for your OS version. 4. Restart the device when prompted.

🔧 Temporary Workarounds

Restrict App Installation

all

Limit app installation to only trusted sources and the official App Store

Enable App Sandboxing

all

Ensure app sandboxing is enabled to limit potential data access

🧯 If You Can't Patch

Implement strict app installation policies to prevent untrusted apps
Use mobile device management (MDM) to enforce security controls and monitor for suspicious app behavior

🔍 How to Verify

Check if Vulnerable:

Check your OS version in Settings > General > About (iOS/iPadOS) or Apple menu > About This Mac (macOS)

Check Version:

sw_vers (macOS) or Settings > General > About > Version (iOS/iPadOS)

Verify Fix Applied:

Verify OS version matches or exceeds the patched versions listed in the fix information

📡 Detection & Monitoring

Log Indicators:

Unusual app behavior accessing sensitive data stores
App crashes related to data access

Network Indicators:

Unusual data exfiltration from apps to external servers

SIEM Query:

Search for app process accessing sensitive file paths or data stores outside normal patterns

📊 Metadata

CVE ID: CVE-2025-31191

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE: CWE-200

EPSS Score: 0.1% exploit probability (26.6th percentile)

Published: March 31, 2025

Last Updated: November 3, 2025

🔗 References

https://support.apple.com/en-us/122371 Release Notes,Vendor Advisory
https://support.apple.com/en-us/122373 Release Notes,Vendor Advisory
https://support.apple.com/en-us/122374 Release Notes,Vendor Advisory
https://support.apple.com/en-us/122375 Release Notes,Vendor Advisory
https://support.apple.com/en-us/122377 Release Notes,Vendor Advisory
http://seclists.org/fulldisclosure/2025/Apr/10
http://seclists.org/fulldisclosure/2025/Apr/11
http://seclists.org/fulldisclosure/2025/Apr/13
http://seclists.org/fulldisclosure/2025/Apr/4
http://seclists.org/fulldisclosure/2025/Apr/8
http://seclists.org/fulldisclosure/2025/Apr/9
https://www.microsoft.com/en-us/security/blog/2025/05/01/analyzing-cve-2025-31191-a-macos-security-scoped-bookmarks-based-sandbox-escape/

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-31191, you might also want to check these: