Primary

Context

Apple CoreServices Vulnerability Allowing App Enumeration of Installed Apps

Vulnerability

Patched

A permissions vulnerability in the CoreServices component of multiple Apple operating systems, including iOS, iPadOS, tvOS, visionOS, and watchOS, allows apps to enumerate a user's installed applications. This issue affects several different versions and ranges of these operating systems. The vulnerability was addressed with additional restrictions.

Impact

Exploitation of this vulnerability could lead to unauthorized enumeration of installed apps on the user's device.

Remediation

Users can update to the latest version of watchOS, iOS, iPadOS, or tvOS to address this vulnerability. Instructions for updating can be found on the Apple Support website.

Added: Nov 4, 2025, 2:48 AM

Updated: Nov 4, 2025, 2:48 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple CoreServices Vulnerability Allowing App Enumeration of Installed Apps

Vulnerability

Impact

Remediation

Affected Products

Apple watchOS

Apple iPadOS

Apple tvOS

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating