Main Vulnerability Database Vulnerabilities #VU111709

#VU111709 Improper authentication in macOS - CVE-2025-31264

Published: June 21, 2025

Vulnerability identifier: #VU111709

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-31264

CWE-ID: CWE-287

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to improper authentication in macOS Recovery feature. An attacker with physical access to the system can obtain sensitive user information from a locked device.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/122373

#VU111709 Improper authentication in macOS - CVE-2025-31264

Description

Remediation

External links

Please verify you're human