Description
An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.
Published: 2025-04-29
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Patch Immediately
AI Analysis

Impact

An authentication issue in Apple’s operating systems was caused by improper state management, enabling a local network attacker to bypass the device’s authentication policy. The flaw conforms to CWE‑288, which concerns authorization or authentication failures. If exploited, an attacker could gain unauthorized access to the device, potentially reading or modifying data, and could exercise elevated privileges if the compromised account has higher authority. The impact is confinement to the local network and requires the attacker to be on the same physical or logical network segment as the target device.

Affected Systems

Affected Apple platforms include iOS and iPadOS. Specific vulnerable releases are iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, and visionOS 2.4. No other versions are listed as affected.

Risk and Exploitability

The vulnerability carries a CVSS score of 7.7, indicating high severity, but its EPSS score is below 1%, reflecting a very low likelihood of current exploitation. It is not listed in the CISA KEV catalog. The attack vector is local network access; an attacker must be physically present or otherwise in control of the local network to exploit the flaw. Once accessed, the device may be compromised through authentication bypass, leading to possible data theft or further lateral movement.

Generated by OpenCVE AI on April 28, 2026 at 02:10 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest OS updates listed above for iOS, iPadOS, macOS, tvOS, and visionOS.
  • If a patch cannot be applied immediately, isolate the device from untrusted local networks by configuring network segmentation or firewall rules that block unnecessary inbound connections.
  • Enforce strong authentication controls on local network services, ensuring that session state is validated and cannot be manipulated by external actors.

Generated by OpenCVE AI on April 28, 2026 at 02:10 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-12736 An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.
History

Tue, 28 Apr 2026 02:30:00 +0000

Type Values Removed Values Added
Title Local Network Authentication Bypass via Improper State Management

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy. An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.

Wed, 27 Aug 2025 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863

Wed, 27 Aug 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-288

Tue, 29 Apr 2025 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple tvos
Apple visionos
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple tvos
Apple visionos

Tue, 29 Apr 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863
Metrics cvssV3_1

{'score': 7.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 29 Apr 2025 02:30:00 +0000

Type Values Removed Values Added
Description An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.
References

Subscriptions

Apple Ipados Iphone Os Macos Tvos Visionos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:13:20.530Z

Reserved: 2025-01-17T00:00:45.000Z

Link: CVE-2025-24206

cve-icon Vulnrichment

Updated: 2025-04-29T13:38:31.779Z

cve-icon NVD

Status : Modified

Published: 2025-04-29T03:15:34.413

Modified: 2026-04-02T19:19:18.757

Link: CVE-2025-24206

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T02:15:18Z

Weaknesses