CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-24141: An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical...

Description

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked.

Classification

CVE ID: CVE-2025-24141

Affected Products

Vendor: Apple

Product: iOS and iPadOS

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-25 (when was this score calculated)

References

https://support.apple.com/en-us/122066

Timeline

2025-01-28 00:31:05 UTC
CVE

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical...