{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-31247","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2025-03-27T16:13:58.327Z","datePublished":"2025-05-12T21:42:53.294Z","dateUpdated":"2026-04-02T18:21:55.000Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An attacker may gain access to protected parts of the file system"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"13.7.6","versionType":"custom"},{"version":"0","status":"affected","lessThan":"14.7.6","versionType":"custom"},{"version":"0","status":"affected","lessThan":"15.5","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An attacker may gain access to protected parts of the file system."}],"references":[{"url":"https://support.apple.com/en-us/122716"},{"url":"https://support.apple.com/en-us/122717"},{"url":"https://support.apple.com/en-us/122718"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:21:55.000Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-284","lang":"en","description":"CWE-284 Improper Access Control"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-05-13T19:57:04.844577Z","id":"CVE-2025-31247","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-13T19:57:47.873Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2025/May/9"},{"url":"http://seclists.org/fulldisclosure/2025/May/8"},{"url":"http://seclists.org/fulldisclosure/2025/May/7"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:52:09.731Z"}}]}}