CVE-2025-31192

Description

The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website may be able to access sensor information without user consent.

References

https://support.apple.com/en-us/122379

https://support.apple.com/en-us/122373

https://support.apple.com/en-us/122371

http://seclists.org/fulldisclosure/2025/Apr/8

http://seclists.org/fulldisclosure/2025/Apr/4

http://seclists.org/fulldisclosure/2025/Apr/2

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS