CVE-2025-31229
CRITICALDescription
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| apple | ipados |
| apple | iphone_os |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2025-31229? +
How severe is CVE-2025-31229? +
What products are affected by CVE-2025-31229? +
How do I check if I'm vulnerable to CVE-2025-31229? +
Related Vulnerabilities
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is …
Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after …
Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, …
The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within …
An issue in secdiskapp 1.5.1 (management program for NewQ Fingerprint Encryption Super Speed Flash Disk) allows attackers to gain escalated …
Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data …