CVE-2025-31229
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-30
Last updated on: 2025-11-03
Assigner: Apple Inc.
Description
Description
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ipados | to 18.6 (exc) |
| apple | iphone_os | to 18.6 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-261 | Obscuring a password with a trivial encoding does not protect the password. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a logic issue in iOS and iPadOS where the device's VoiceOver feature may read aloud the passcode. The issue was addressed by implementing improved checks to prevent this unintended disclosure of the passcode.
How can this vulnerability impact me? :
This vulnerability can impact you by potentially exposing your device's passcode through the VoiceOver feature, which could lead to unauthorized access if someone nearby hears the passcode being read aloud.
What immediate steps should I take to mitigate this vulnerability?
Update your devices to iOS 18.6 or iPadOS 18.6, as this vulnerability is fixed in these versions.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70