CVE-2025-31229

9.1 CRITICAL

📋 TL;DR

When VoiceOver, Apple's screen reader accessibility feature, is enabled on an affected device, it reads the device passcode aloud as it is entered. iOS and iPadOS users with VoiceOver active are affected; anyone within earshot can hear the passcode, which exposes the device's authentication credential.

💻 Affected Systems

Products:
  • iPhone
  • iPad
Versions: iOS and iPadOS versions before 18.6
Operating Systems: iOS, iPadOS
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when VoiceOver accessibility feature is enabled. Default configuration has VoiceOver disabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker within earshot could capture the device passcode, gain physical access, unlock the device, and access sensitive data, accounts, or perform unauthorized actions.

🟠 Likely Case

Accidental exposure in public settings where VoiceOver reads the passcode aloud, allowing nearby individuals to overhear and potentially misuse it.

🟢 If Mitigated

With VoiceOver disabled or device in a private setting, risk is minimal as the passcode remains silent during entry.

🌐 Internet-Facing: LOW - This is a local physical/audio vulnerability, not network-based.
🏢 Internal Only: MEDIUM - Risk exists in shared physical spaces where others might overhear the spoken passcode.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires physical proximity to hear the spoken passcode. No technical exploit code needed beyond enabling VoiceOver.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 18.6, iPadOS 18.6

Vendor Advisory: https://support.apple.com/en-us/124147

Restart Required: Yes

Instructions:

1. Open the Settings app.
2. Tap General.
3. Tap Software Update.
4. Install the iOS/iPadOS 18.6 update.
5. The device will restart automatically.

🔧 Temporary Workarounds

Disable VoiceOver (applies to: all)

Temporarily turn off the VoiceOver screen reader so the passcode is not read aloud.

Triple-click the Side/Top button (if it is configured as the Accessibility Shortcut), or go to Settings > Accessibility > VoiceOver and toggle it off.

Use Private Entry Mode (applies to: all)

Enter the passcode in a private, quiet environment away from others while VoiceOver is enabled.

🧯 If You Can't Patch

  • Disable VoiceOver when entering passcodes in non-private settings.
  • Use alternative authentication like Face ID/Touch ID where available to avoid passcode entry.

🔍 How to Verify

Check if Vulnerable:

Check if VoiceOver is enabled (Settings > Accessibility > VoiceOver) and iOS/iPadOS version is below 18.6.

Check Version:

Settings > General > About > Version

Verify Fix Applied:

Update to iOS/iPadOS 18.6, enable VoiceOver, and verify passcode entry no longer reads digits aloud.

📡 Detection & Monitoring

Log Indicators:

  • No specific log indicators; detection relies on physical awareness of audible passcode reading.

Network Indicators:

  • None - this is a local physical vulnerability.

SIEM Query:

Not applicable for this local audio exposure vulnerability.
