Severity
High
Analysis Summary
CVE-2025-31244 CVSS:8.8
A file quarantine bypass was addressed with additional checks. This issue is fixed in Apple macOS Sequoia 15.5. An app may be able to break out of its sandbox.
CVE-2025-31213 CVSS:7.6
A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access associated usernames and websites in a user's iCloud Keychain.
CVE-2025-31259 CVSS:7.8
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges.
Impact
- Privilege Escalation
- Security Bypass
Indicators of Compromise
CVE
CVE-2025-31244
CVE-2025-31213
CVE-2025-31259
Affected Vendors
- Apple
Affected Products
- Apple macOS - unspecified
- Apple iPadOS - unspecified
Remediation
Refer to Apple's security Advisory for patch, upgrade, or suggested workaround information.