CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-31228: The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical...

6.8 CVSS

Description

The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to access notes from the lock screen.

Classification

CVE ID: CVE-2025-31228

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.8

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem Types

An attacker with physical access to a device may be able to access notes from the lock screen

Affected Products

Vendor: Apple

Product: iPadOS, iOS and iPadOS

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 10.23% (scored less or equal to compared to others)

EPSS Date: 2025-06-10 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-31228
https://support.apple.com/en-us/122405
https://support.apple.com/en-us/122404

Timeline

2025-05-12 22:40:16 UTC
CVE

The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical...