- Description
- This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to delete files for which it does not have permission.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-862
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🔴 #Apple #OS Suite, Improper Symlink Handling, #CVE-2025-31182 (Critical) https://t.co/qgvSXo0vcn
@dailycve
4 Apr 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple fixes a critical flaw (CVE-2025-31182) that allowed unauthorized file deletion via symlink misuse. Impact: CVSS 9.8 🚨 Affected? Update now. Details 👉 https://t.co/52hO3TNkYz #Apple #Cybersecurity #CVE202531182
@threatsbank
2 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Today's April 1st. From garage geeks to tech titans: Happy Birthday, Apple Our team discovered security vulnerabilities in launchd, SMB, and Kerberos. CVE-2025-24269 CVE-2025-31182 CVE-2025-24235 CVE-2025-30444 https://t.co/8eq1et5ysq https://t.co/0H0GJJ3nol
@spr_networks
1 Apr 2025
412 Impressions
5 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-31182 File Deletion Vulnerability in Apple Operating Systems Affecting Multiple Versions https://t.co/gwR9abrirO
@VulmonFeeds
1 Apr 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
When Apple fixed CVE-2025-31182(need no app-sandbox), another vulnerability I reported was also fixed at the same time, but the vulnerability can achieve local privilege escalation, even though it is difficult to complete stable exploitation, not just deleting arbitrary files.😀
@binary_fmyy
1 Apr 2025
629 Impressions
1 Retweet
10 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B3450F7-7B4A-46CE-A6E0-BBE6569F2EBF",
"versionEndExcluding": "18.4"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D9C73F9-FEF4-4FC1-B83D-56566AD35990",
"versionEndExcluding": "18.4"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "345CC17A-CCA4-4B82-A645-A5226A8DAEBB",
"versionEndExcluding": "13.7.5"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05DCA25-A1A0-4AEA-9F31-952803114EE2",
"versionEndExcluding": "14.7.5",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C61CCC2-87D3-4A3A-837B-63C48299A7AD",
"versionEndExcluding": "18.4"
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E82603D7-A630-4B9B-9C51-880667F05EC7",
"versionEndExcluding": "2.4"
}
],
"operator": "OR"
}
]
}
]