exploitDog

CVE-2025-31264

Опубликовано: 29 мая 2025

Источник: nvd

CVSS3: 4.6

EPSS Низкий

Описание

An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

Ссылки

https://support.apple.com/en-us/122373
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122374
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122375
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.4 (исключая)

EPSS

Процентиль: 8%

0.00029

Низкий

4.6 Medium

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-92x5-3wh4-435c

CVSS3: 4.6

github

8 месяцев назад

An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

EPSS

Процентиль: 8%

0.00029

Низкий

4.6 Medium

CVSS3

Дефекты

CWE-287