Primary

Context

Apple iOS and iPadOS App Enumeration Vulnerability

Vulnerability

Patched

A logic vulnerability allowing apps to enumerate a user's installed applications has been identified in Apple iOS and iPadOS. This issue affects iPhone XS and later models, as well as various iPad Pro, iPad Air, iPad, and iPad mini models, all through version 18.4. The vulnerability arises from insufficient checks, which could enable an app to access information about other installed apps on the device.

Impact

Exploitation of this vulnerability could lead to unauthorized enumeration of installed apps, potentially allowing for privacy violations or targeted attacks based on the apps identified.

Remediation

Users can update to iOS 18.5 or iPadOS 18.5 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple iOS and iPadOS App Enumeration Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apple iPadOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating