CVE-2025-31225Sensitive Information Exposure in Apple IOS AND Ipados

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.3%
top 50.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple IOS AND IpadosApple IpadosApple Iphone OS
Timeline
PublishedMay 12
Latest updateMay 13

Description

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages3 packages

NVDapple/ipados< 18.5
CVEListV5apple/ios_and_ipados< 18.5
NVDapple/iphone_os< 18.5

🔴Vulnerability Details

2
GHSA
GHSA-6mhh-cg8v-6pjf: A privacy issue was addressed by removing sensitive data2025-05-13
CVEList
CVE-2025-31225: A privacy issue was addressed by removing sensitive data2025-05-12

📋Vendor Advisories

1
Apple
CVE-2025-31225: iOS 18.5 and iPadOS 18.52025-05-12
CVE-2025-31225 — Sensitive Information Exposure | cvebase