CVE-2025-31192

Website Can Read Sensor Information Without User Consent

Description

The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website may be able to access sensor information without user consent.

INFO

Published Date :

2025-03-31T22:22:30.090Z

Last Modified :

2026-04-02T18:08:20.753Z

Source :

apple

AFFECTED PRODUCTS

The following products are affected by CVE-2025-31192 vulnerability.

Vendors	Products
Apple	Ipados Iphone Os Macos Safari

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-31192.

URL	Resource
http://seclists.org/fulldisclosure/2025/Apr/2
http://seclists.org/fulldisclosure/2025/Apr/4
http://seclists.org/fulldisclosure/2025/Apr/8
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122379

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact