Cyber Resilience

CVE-2025-31229

Critical

Published: 30 July 2025

Published
30 July 2025
Modified
03 November 2025
KEV Added
Patch
CVSS Score v3.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score 0.0046 64.8th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-31229 is a critical-severity Weak Encoding for Password (CWE-261) vulnerability in Apple Ipados. Its CVSS base score is 9.1 (Critical).

Operationally, ranked in the top 35.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-6 (Authentication Feedback) and SI-15 (Information Output Filtering).

Deeper analysis

CVE-2025-31229 is a logic issue addressed with improved checks in the VoiceOver accessibility feature on iOS and iPadOS prior to version 18.6. The vulnerability enables the passcode to be read aloud by VoiceOver. It carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) and is associated with CWE-261 (Weak Encoding for Password).

Remote attackers can exploit this vulnerability over the network with low attack complexity, requiring no privileges, authentication, or user interaction. Exploitation results in high confidentiality and availability impacts, allowing the attacker to cause the device to audibly disclose the passcode via VoiceOver.

Apple's advisory confirms the issue is fixed in iOS 18.6 and iPadOS 18.6 through improved checks. Additional details are provided in the support article at https://support.apple.com/en-us/124147 and the Full Disclosure mailing list posting at http://seclists.org/fulldisclosure/2025/Jul/30.

EU & UK References

Vulnerability details

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

Insufficient information to map techniques.
Confidence: LOW · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-28875Same product: Apple Ipados
CVE-2024-44136Same product: Apple Ipados
CVE-2026-28965Same product: Apple Ipados
CVE-2024-44276Same product: Apple Ipados
CVE-2025-46311Same product: Apple Ipados
CVE-2025-24200Same product: Apple Ipados
CVE-2026-28874Same product: Apple Ipados
CVE-2026-28872Same product: Apple Ipados
CVE-2026-28858Same product: Apple Ipados
CVE-2024-44238Same product: Apple Ipados

Affected Assets

apple
ipados
≤ 18.6
apple
iphone os
≤ 18.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

IA-6 requires obscuring feedback of authentication information like passcodes to prevent exploitation, directly mitigating the VoiceOver disclosure of the passcode.

prevent

SI-2 mandates timely identification and remediation of system flaws, addressing the logic issue in VoiceOver fixed by Apple's improved checks in iOS/iPadOS 18.6.

prevent

SI-15 filters sensitive information prior to output, preventing passcode disclosure through audio mechanisms like VoiceOver.

References