{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-24117","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2025-01-17T00:00:44.970Z","datePublished":"2025-01-27T21:46:11.417Z","dateUpdated":"2026-04-02T18:18:46.378Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to fingerprint the user"}]}],"affected":[{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","status":"affected","lessThan":"18.3","versionType":"custom"}]},{"vendor":"Apple","product":"iPadOS","versions":[{"version":"0","status":"affected","lessThan":"17.7.4","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"15.3","versionType":"custom"}]},{"vendor":"Apple","product":"visionOS","versions":[{"version":"0","status":"affected","lessThan":"2.3","versionType":"custom"}]},{"vendor":"Apple","product":"watchOS","versions":[{"version":"0","status":"affected","lessThan":"11.3","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, visionOS 2.3, watchOS 11.3. An app may be able to fingerprint the user."}],"references":[{"url":"https://support.apple.com/en-us/122066"},{"url":"https://support.apple.com/en-us/122067"},{"url":"https://support.apple.com/en-us/122068"},{"url":"https://support.apple.com/en-us/122071"},{"url":"https://support.apple.com/en-us/122073"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:18:46.378Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-922","lang":"en","description":"CWE-922 Insecure Storage of Sensitive Information"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-01-29T16:50:59.737262Z","id":"CVE-2025-24117","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-29T16:51:28.844Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2025/Jan/18"},{"url":"http://seclists.org/fulldisclosure/2025/Jan/15"},{"url":"http://seclists.org/fulldisclosure/2025/Jan/14"},{"url":"http://seclists.org/fulldisclosure/2025/Jan/12"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:02:09.046Z"}}]}}