An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access restrictions by leveraging incorrect configuration-profile persistence.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple iOS
OSApple< 11.3Apple Mac Os X
OSApple< 10.13.4Apple tvOS
OSApple< 11.3Apple watchOS
OSApple< 4.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
CVE-2025-31201CRITICAL9.8⚠ KEVPL ✓ten sam produkt
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
CVE-2025-31200CRITICAL9.8⚠ KEVPL ✓ten sam produkt
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki
CVE-2025-24085CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Use-after-free w Apple iOS/iPadOS/macOS — privilege escalation przez aplikację