{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-31228", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-03-27T16:13:58.322Z", "datePublished": "2025-05-12T21:42:37.095Z", "dateUpdated": "2026-04-02T18:16:13.412Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker with physical access to a device may be able to access notes from the lock screen"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.5", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "17.7.7", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to access notes from the lock screen."}], "references": [{"url": "https://support.apple.com/en-us/122404"}, {"url": "https://support.apple.com/en-us/122405"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:16:13.412Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "CWE-287 Improper Authentication"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-13T19:37:29.928405Z", "id": "CVE-2025-31228", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T19:42:11.798Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/May/6"}, {"url": "http://seclists.org/fulldisclosure/2025/May/5"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:50:39.859Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/May/6"}, {"url": "http://seclists.org/fulldisclosure/2025/May/5"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:50:39.859Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-31228", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-13T19:37:29.928405Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T19:41:28.959Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "17.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "18.5", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122405"}, {"url": "https://support.apple.com/en-us/122404"}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to access notes from the lock screen."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker with physical access to a device may be able to access notes from the lock screen"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-05-12T21:42:37.095Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31228", "state": "PUBLISHED", "dateUpdated": "2025-11-03T19:50:39.859Z", "dateReserved": "2025-03-27T16:13:58.322Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-05-12T21:42:37.095Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "683ECAF8-DB29-40DB-963A-B95EA2A2AC01", "versionEndExcluding": "17.7.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "069735D6-38B4-402A-9E79-1961701C9AD3", "versionEndExcluding": "18.5", "versionStartIncluding": "18.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653", "versionEndExcluding": "18.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to access notes from the lock screen."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando la autenticaci\u00f3n. Este problema est\u00e1 corregido en iPadOS 17.7.7, iOS 18.5 y iPadOS 18.5. Un atacante con acceso f\u00edsico a un dispositivo podr\u00eda acceder a las notas desde la pantalla de bloqueo."}], "id": "CVE-2025-31228", "lastModified": "2026-04-02T19:19:51.370", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-05-12T22:15:23.493", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122404"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122405"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/May/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/May/6"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T11:25:22.866313+00:00", "value": {"mitigation_remediation": ["Upgrade the device to iOS 18.5 or later, or to iPadOS 18.5 or 17.7.7 to receive the authentication fix", "Disable the option to view Notes from the lock screen in Settings \u2192 Notes \u2192 Lock Screen Access", "Ensure the device is stored in a secure location to prevent unauthorized physical access"], "summary": {"action": "Apply Update", "impact": "Unauthorized note access from lock screen"}, "threat_synthesis": {"affected_systems": "Apple's iOS and iPadOS devices are affected. The issue persists in all versions prior to iOS 18.5 and iPadOS 18.5, as well as any iPadOS version older than 17.7.7. The fix is implemented in iOS 18.5, iPadOS 18.5, and iPadOS 17.7.7 releases.", "description_and_impact": "The vulnerability arises from a flaw in the authentication mechanism that allows sensitive data\u2014specifically user notes\u2014to be exposed from the lock screen. An attacker with physical possession of a device can view these notes without unlock credentials, thereby compromising confidentiality of personal information. This weakness is classified as CWE\u2011287, authentication bypass.", "risk_and_exploitability": "The CVSS score of 6.8 indicates a medium severity, while the EPSS score of less than 1\u202f% suggests a low likelihood of exploitation at this time. The vulnerability is not listed in the CISA KEV catalog. Because the capability to access notes requires physical possession of the device, the likely attack vector is a local, physical attack, potentially carried out by an intimate or opportunistic adversary."}}}}, "created": "2026-04-28T11:30:29.834789+00:00", "title": "Physical Access Enables Viewing Notes from Lock Screen", "updated": "2026-04-28T11:30:29.834802+00:00", "vendors": []}