vulnerability

OS X update for PackageKit (CVE-2025-31262)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:C/A:N)	May 20, 2025	May 20, 2025	Apr 6, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:C/A:N)

Published

May 20, 2025

Added

May 20, 2025

Modified

Apr 6, 2026

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to modify protected parts of the file system.

Solution

apple-osx-upgrade-15_3

References

CVE-2025-31262
https://attackerkb.com/topics/CVE-2025-31262
CWE-732
EUVD-EUVD-2025-15734
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-15734
https://support.apple.com/en-us/122068

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today