CVE-2025-31225: Call history from deleted apps may still appear in spotlight search results in Apple iOS and iPadOS

Severity: High
Type: Vulnerability
Published: Mon May 12 2025 (05/12/2025, 21:42:33 UTC)
Source: CVE
Vendor/Project: Apple
Product: iOS and iPadOS

Description

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results.

AI-Powered Analysis

Last updated: 11/04/2025, 02:01:38 UTC

Technical Analysis

CVE-2025-31225 is a privacy flaw in how Apple iOS and iPadOS index call history for Spotlight. Call records contributed by a third-party app (VoIP and messaging apps that log their calls into the system call history) remain in the Spotlight index after the app is deleted, so they keep appearing in search results even though the app that produced them is gone. The root cause is residual data that is not removed when the app is uninstalled; the analysis maps it to CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). Anyone who can type a query into Spotlight on the device, or a low-privileged local process that can issue the same search, can read the retained entries with no further user interaction. Apple's advisory does not enumerate affected versions beyond stating that the fix, which removes the sensitive data, ships in iOS 18.5 and iPadOS 18.5, so every earlier build on hardware that supports 18.5 should be treated as affected.

The CVSS 3.1 base score recorded for this entry is 7.1 (High). The analysis attributes it to a Network attack vector, low attack complexity, low privileges, no user interaction, high confidentiality impact, and low integrity and availability impact. Two caveats apply. First, a Network attack vector does not fit the flaw: the only way to trigger it is to run a search on the device itself, so a Local vector, and the lower score that comes with it, describes the real exposure better. Second, the components as stated (both integrity and availability Low, with the other metrics as listed) do not arithmetically produce 7.1, so the recorded vector must differ from the description in at least one component; treat the qualitative rating, not the decimal, as the reliable part. No exploitation in the wild has been reported. The practical risk is concentrated on shared devices, on devices handed to third parties (repair, loaner pools, stolen or seized units that can be unlocked), and in any setting where the call history of a removed app was assumed to be gone.

Potential Impact

For European organizations the exposure is to confidentiality only: call records on iPhones and iPads that were expected to disappear with the app that created them. Sectors where call metadata is itself sensitive or regulated (finance, healthcare, legal, government) carry the most risk, since who was called, when, and how often can be personal data under GDPR and can also reveal client, patient, or source relationships. Disclosure can therefore mean a reportable privacy breach, regulatory exposure, and reputational harm. The attacker model is local: an insider, a colleague on a shared device, a repair or loaner handler, or a thief who can unlock the device. Integrity and availability are unaffected, so the concern is leakage, amplified wherever devices are shared or endpoint controls are weak. The retention itself also undermines the assumption, which users and data-protection assessments commonly rely on, that deleting an app deletes the data it produced.

Mitigation Recommendations

The fix is to update every affected device to iOS 18.5 / iPadOS 18.5 or later; nothing short of that removes the stale index entries reliably. Use MDM to enforce a minimum OS version and to report devices that have not taken the update, and keep the patch window short. Until a device is updated, the exposure is bounded by who can reach it unlocked: enforce strong passcodes and biometrics, a short auto-lock interval, and physical-access controls. Be clear about what MDM can and cannot do here: it can enforce the update and the lock policy, but it has no control that scrubs call records already indexed by Spotlight, and the Spotlight restrictions generally available in profiles govern internet results rather than on-device content, so a "disable Spotlight" profile is not a fix. Two practical interim steps: before removing an app whose call log is sensitive, delete its entries from Recents in the Phone app; and on a device that has already had such an app removed, search Spotlight for a contact or number that app called to confirm whether entries persist. Devices leaving your control (repair, loaner return, offboarding) should be wiped rather than merely having apps deleted. Finally, watch for updated guidance from Apple and national CSIRTs.
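Enforcing the update starts with knowing which devices are still below 18.5. The following is an added example, not code from the advisory or from any MDM vendor: a triage script over an inventory export. The CSV column names (serial, platform, os_version, supervised) and the sample rows are constructed for this example and will need mapping to your MDM's export format. It compares versions numerically, because a string comparison would rank 18.10 below 18.5, and it surfaces devices with a blank or malformed version rather than silently treating them as patched.

```python
"""Fleet triage for CVE-2025-31225 (added example, not from the advisory).

Lists Apple devices in an MDM inventory export that are still running a
build below the fixed release (iOS 18.5 / iPadOS 18.5).
"""
import csv
import io

FIXED_VERSION = (18, 5)
AFFECTED_PLATFORMS = {"iOS", "iPadOS"}

# Constructed sample export for the example; these are not real devices
# and the column names are an assumption about the MDM's export format.
SAMPLE_EXPORT = """\
serial,platform,os_version,supervised
C02ABC001,iOS,18.4.1,true
C02ABC002,iPadOS,18.5,true
C02ABC003,iOS,18.10,false
C02ABC004,macOS,15.4,true
C02ABC005,iOS,17.7.2,true
C02ABC006,iPadOS,18.5.1,false
C02ABC007,iOS,,true
"""


def parse_version(text: str) -> tuple:
    """Turn '18.4.1' into (18, 4, 1) so tuples compare numerically.
    Raises ValueError for an empty or non-numeric version."""
    stripped = text.strip()
    parts = stripped.split(".")
    if not stripped or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(platform: str, os_version: str) -> bool:
    """True for iOS/iPadOS below 18.5. A version that cannot be parsed is
    reported as vulnerable so it gets followed up instead of vanishing."""
    if platform not in AFFECTED_PLATFORMS:
        return False
    try:
        return parse_version(os_version) < FIXED_VERSION
    except ValueError:
        return True


def triage(export_text: str) -> list:
    """Return [(serial, platform, os_version), ...] for devices that still
    need the 18.5 update, in export order."""
    rows = csv.DictReader(io.StringIO(export_text))
    return [
        (r["serial"], r["platform"], r["os_version"])
        for r in rows
        if is_vulnerable(r["platform"], r["os_version"])
    ]


if __name__ == "__main__":
    for serial, platform, version in triage(SAMPLE_EXPORT):
        print(f"{serial}\t{platform}\t{version or '<unknown>'}\tneeds 18.5")
```

Pipe a real export through `triage` and feed the serials back into the MDM as a smart group or update-enforcement target; the blank-version row in the sample shows why unknowns belong on that list.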


Technical Details

Data Version
5.1
Assigner Short Name
apple
Date Reserved
2025-03-27T16:13:58.321Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682cd0fc1484d88663aecc8d

Added to database: 5/20/2025, 6:59:08 PM

Last enriched: 11/4/2025, 2:01:38 AM

Last updated: 11/22/2025, 6:03:47 PM