CVE-2025-31207

HIGH

iPadOS < 18.5 - Unauthorized App Enumeration

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-31207. PoCs published by iCrazeiOS.

AI-analyzed exploit summary This repository contains a jailbreak tweak designed to patch CVE-2025-31207, an information leakage vulnerability in iOS that allows sandboxed applications to enumerate installed apps. The tweak is built using Theos and targets the SpringBoard process to mitigate the vulnerability.

Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps.

Exploits (1)

nomisec WORKING POC 4 stars

by iCrazeiOS · poc

https://github.com/iCrazeiOS/AppEnumFix

View Code ZIP pw:eip

This repository contains a jailbreak tweak designed to patch CVE-2025-31207, an information leakage vulnerability in iOS that allows sandboxed applications to enumerate installed apps. The tweak is built using Theos and targets the SpringBoard process to mitigate the vulnerability.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: iOS (versions prior to 18.5)

No auth needed

Prerequisites: jailbroken iOS device · Theos toolchain

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Apr 24, 2026 Full analysis →

References (2)

Core 2

Core References

Release Notes, Vendor Advisory

https://support.apple.com/en-us/122404

Mailing List

http://seclists.org/fulldisclosure/2025/May/5

Scores

CVSS v3 7.7

EPSS 0.0022

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (3)

Apple/iOS and iPadOS < 18.5

apple/ipados < 18.5

apple/iphone_os < 18.5

Published May 12, 2025

Tracked Since Feb 18, 2026