CVE-2025-24095
CVSS 3.1 Score 7.6 of 10 (high)
Details
Published Mar 31, 2025
Updated: Apr 7, 2025
CWE ID 288
Summary
CVE-2025-24095 is a vulnerability that affected the privacy settings in certain apps. This issue allowed apps to bypass user Privacy preferences, potentially exposing sensitive information. The vulnerability has been resolved in visionOS 2.4, iOS 18.4, and iPadOS 18.4 through additional entitlement checks, ensuring that Privacy settings are now enforced as intended. This issue highlights the importance of maintaining up-to-date software to protect against privacy-related cybersecurity risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- iOS
- iPadOS
- Apple (iPhone OS)
Affected Vendors
- Apple