Multiple vulnerabilities in Apple visionOS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 50 |
| CVE-ID | CVE-2024-56171 CVE-2025-24113 CVE-2025-27113 CVE-2024-48958 CVE-2025-24230 CVE-2025-24243 CVE-2025-30430 CVE-2025-24180 CVE-2025-24237 CVE-2025-30429 CVE-2025-24212 CVE-2025-24163 CVE-2025-24211 CVE-2025-24190 CVE-2025-24182 CVE-2024-9681 CVE-2025-24221 CVE-2025-30439 CVE-2025-24283 CVE-2025-30447 CVE-2025-24210 CVE-2025-24257 CVE-2025-30432 CVE-2025-24194 CVE-2025-31182 CVE-2025-30470 CVE-2025-30426 CVE-2025-24173 CVE-2025-24095 CVE-2025-30471 CVE-2025-30438 CVE-2025-30433 CVE-2025-24214 CVE-2025-31184 CVE-2025-24192 CVE-2025-24264 CVE-2025-24216 CVE-2025-30427 CVE-2025-31202 CVE-2025-24271 CVE-2025-24270 CVE-2025-24252 CVE-2025-24251 CVE-2025-31197 CVE-2025-24206 CVE-2025-30445 CVE-2025-31203 CVE-2025-31196 CVE-2025-31199 CVE-2025-30466 |
| CWE-ID | CWE-416 CWE-451 CWE-476 CWE-125 CWE-119 CWE-371 CWE-254 CWE-120 CWE-22 CWE-20 CWE-787 CWE-1025 CWE-284 CWE-532 CWE-59 CWE-264 CWE-200 CWE-862 CWE-287 CWE-843 CWE-190 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #40 is available. Public exploit code for vulnerability #42 is available. |
| Vulnerable software |
visionOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 50 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU104099
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-56171
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xmlSchemaIDCFillNodeTables() and xmlSchemaBubbleIDCNodeTables() functions in xmlschemas.c. A remote attacker can pass specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Spoofing attack
EUVDB-ID: #VU103350
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24113
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Safari. A remote attacker can trick the victim into visiting a specially crafted website and spoof the page content.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU104213
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-27113
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xmlPatMatch() function in pattern.c. A remote attacker can pass specially crafted XML document to the affected application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU98512
Risk: Medium
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-48958
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the execute_filter_delta() function in archive_read_support_format_rar.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU106327
Risk: Medium
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24230
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in CoreAudio. A remote attacker can create a specially crafted MP4 file, trick the victim into playing it, trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU106318
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24243
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Audio. A remote attacker can create a specially crafted AMR file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) State Issues
EUVDB-ID: #VU106319
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L/E:U/U:Clear]
CVE-ID: CVE-2025-30430
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain unauthorized access to third-party services.
The vulnerability exists in Authentication Services due to software autofill passwords after failing authentication. An attacker with physical access to the system can login to a third-party application using credentials provided by Authentication Services.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Security features bypass
EUVDB-ID: #VU106320
Risk: Medium
CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24180
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists in Authentication Services due to insufficient input validation. A remote attacker can trick the victim into visiting a specially crafted website that is able to claim WebAuthn credentials from another website that shares a registrable suffix.
Install update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Buffer overflow
EUVDB-ID: #VU106323
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24237
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in BiometricKit. A local application can trigger a buffer overflow and terminate the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Path traversal
EUVDB-ID: #VU106324
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30429
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to input validation error when processing filenames in Calendar. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Input validation error
EUVDB-ID: #VU106325
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24212
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of untrusted input in Calendar. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU103340
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24163
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Out-of-bounds write
EUVDB-ID: #VU106328
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24211
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in CoreMedia. A remote attacker can create a specially crafted MP4 file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system in the context of the WebKit GPU process.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU106330
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24190
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in CoreMedia. A remote attacker can create a specially crafted MP4 file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system in the context of the WebKit GPU process.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Out-of-bounds read
EUVDB-ID: #VU106333
Risk: Medium
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24182
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in CoreText when handling font files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Comparison using wrong factors
EUVDB-ID: #VU99865
Risk: Low
CVSSv4.0: 0.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-9681
CWE-ID:
CWE-1025 - Comparison using wrong factors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to an error in HSTS cache implementation. When curl is asked to use HSTS, the expiry time for a subdomain can overwrite a parent domain's cache entry, making it end sooner or later
than otherwise intended. This can lead to situations when the website becomes unavailable or force the client to switch to HTTP from HTTP connection earlier than intended.
Install update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper access control
EUVDB-ID: #VU106909
Risk: Medium
CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24221
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in Accounts. Sensitive keychain data may be accessible from an iOS backup.
Install update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Improper access control
EUVDB-ID: #VU106398
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30439
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows an attacker with physical access to the system to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in Focus. An attacker with physical access to the system can view sensitive user information.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Information exposure through log files
EUVDB-ID: #VU106399
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24283
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to inclusion of sensitive information into a log file in Focus. A local application can access sensitive user data.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Information exposure through log files
EUVDB-ID: #VU106401
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30447
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to inclusion of sensitive information into a log file in Foundation. A local application can access sensitive user data.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Out-of-bounds read
EUVDB-ID: #VU106407
Risk: Medium
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24210
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the CoreGraphics framework. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Out-of-bounds write
EUVDB-ID: #VU106410
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24257
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to an out-of-bounds write in IOGPUFamily. A local application can cause unexpected system termination or write kernel memory.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) State Issues
EUVDB-ID: #VU106906
Risk: Low
CVSSv4.0: 2 [CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30432
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to an state management error in OS kernel. An attacker with physical access to device and having a malicious app installed on the it can attempt passcode entries on a locked device and thereby cause escalating time delays after 4 failures.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper access control
EUVDB-ID: #VU106419
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24194
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in libnetcore. A remote attacker can trick the victim into opening a specially crafted file and gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Link following
EUVDB-ID: #VU106872
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-31182
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain delete arbitrary files on the system.
The
vulnerability exists due to insecure symbolic link following in libxpc. A local application can delete files from the system it does not have access to.
Install update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper limitation of a pathname to a restricted directory ('path traversal')
EUVDB-ID: #VU106848
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30470
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to incorrect handling of path names in Maps. A local application can read sensitive location information.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper access control
EUVDB-ID: #VU106874
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30426
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to enumerate installed apps on device.
The vulnerability exists due to improper access restrictions in NetworkExtension. A local application can enumerate a user's installed apps.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Improper access control
EUVDB-ID: #VU106521
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24173
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in Power Services. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper access control
EUVDB-ID: #VU106915
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24095
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in RepairKit. A local application can bypass Privacy preferences.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Input validation error
EUVDB-ID: #VU106885
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-30471
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in Security component. A remote attacker can pass specially crafted input to the system and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Improper access control
EUVDB-ID: #VU106887
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30438
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to improper access restrictions in Share Sheet. A local application can dismiss the system notification on the Lock Screen that a recording was started.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Improper access control
EUVDB-ID: #VU106890
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30433
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in Shortcuts. A local application can access files that are normally inaccessible to the Shortcuts app.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Information exposure through log files
EUVDB-ID: #VU106817
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24214
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to inclusion of sensitive information into a log file in Siri. A local application can access sensitive user data.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU106879
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-31184
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient permissions checks. A remote attacker can trick Safari into gaining unauthorized access to Local Network.
Install update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Information disclosure
EUVDB-ID: #VU106880
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24192
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to an error when handling script imports. A malicious website can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Memory corruption
EUVDB-ID: #VU106829
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24264
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can trick the victim into opening a specially crafted website and perform an unexpected Safari crash.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Memory corruption
EUVDB-ID: #VU106831
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24216
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can trick the victim into opening a specially crafted website and perform an unexpected Safari crash.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Use after free
EUVDB-ID: #VU106833
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30427
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in WebKit. A remote attacker can trick the victim into opening a specially crafted website and perform an unexpected Safari crash.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) NULL pointer dereference
EUVDB-ID: #VU108011
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-31202
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker on the local network to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference in AirPlay. A remote attacker on the local network can perform a denial-of-service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Missing authorization
EUVDB-ID: #VU108022
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2025-24271
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to missing authorization checks in AirPlay. A remote non-authenticated attacker on the same network as a signed-in Mac can send it AirPlay commands without pairing.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Information disclosure
EUVDB-ID: #VU108019
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24270
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in AirPlay. A remote attacker on the local network can gain unauthorized access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Use after free
EUVDB-ID: #VU108013
Risk: High
CVSSv4.0: 7.4 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2025-24252
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker on the local network to compromise the affected system.
The vulnerability exists due to a use-after-free error in AirPlay. A remote attacker on the local network can corrupt process memory.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Input validation error
EUVDB-ID: #VU108014
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24251
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in AirPlay. A remote attacker on the local network can send specially crafted input to the system and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Input validation error
EUVDB-ID: #VU108015
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-31197
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in AirPlay. A remote attacker on the local network can send specially crafted input to the system and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Improper authentication
EUVDB-ID: #VU108021
Risk: High
CVSSv4.0: 6.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24206
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to a state issue in AirPlay when handling authentication requests. A remote attacker on the local network can bypass authentication process and gain unauthorized access to the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Type Confusion
EUVDB-ID: #VU108012
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30445
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to type confusion error in AirPlay. A remote attacker on the local network can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Integer overflow
EUVDB-ID: #VU108016
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-31203
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker on the local network to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation in CoreUtils. A remote attacker on the local network can send specially crafted input to the system, trigger an integer overflow and perform a denial-of-service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Improper input validation
EUVDB-ID: #VU108979
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-31196
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation in CoreGraphics. A remote attacker can trick the victim into opening a specially crafted file and perform a denial-of-service or potentially disclose memory contents.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU111708
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-31199
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to software stores sensitive information into log files. A local application can read the log files and gain access to sensitive user data.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Security features bypass
EUVDB-ID: #VU111710
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-30466
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to incorrect implementation of Same Origin Policy. A remote attacker can trick the victim into visiting a specially crafted website and bypass Same Origin Policy restrictions.
MitigationInstall update from vendor's website.
Vulnerable software versionsvisionOS: 1.0 - 2.3.2
CPE2.3- cpe:2.3:o:apple:visionos:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:1.0.2:*:*:*:*:*:*:*
https://support.apple.com/en-us/122378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
