How severe is CVE-2025-24198?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2025-24198?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2025-24198

MEDIUM Year: 2025

CVSS v3 Score

6.6

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access may be able to use Siri to access sensitive user data.

CVE-2016-5581

MEDIUM

CVSS:6.6(Medium)

Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and a...

CWE-2842016

CVE-2016-6898

MEDIUM

CVSS:6.6(Medium)

XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary fil...

CWE-2842016

CVE-2020-1666

MEDIUM

CVSS:6.6(Medium)

The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a m...

CWE-2842020

CVE-2022-1959

MEDIUM

CVSS:6.6(Medium)

AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. This is possible because the application did not correctly implement fingerprint valida...

CWE-2842022