CVE Vulnerabilities

CVE-2025-31264

Improper Authentication

Published: May 29, 2025 | Modified: Jun 02, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Macos Apple * 13.7.5 (excluding)
Macos Apple 14.0 (including) 14.7.5 (excluding)
Macos Apple 15.0 (including) 15.4 (excluding)

Potential Mitigations

References