Guilherme Rambo 5/12/2025

A Privacy Mechanism That Backfired

Read Original

This technical article details the discovery of CVE-2025-31212, an iOS vulnerability where a privacy mechanism backfired. In iOS 18, Apple updated Bluetooth permission prompts to show nearby devices, raising user awareness. However, the process of assembling this prompt data within the app's process allowed a malicious app to access Bluetooth LE device information before user consent was granted, exploiting the very feature meant to enhance transparency.

0 comments
#vulnerability #privacy #Io
A Privacy Mechanism That Backfired

Comments

No comments yet

Be the first to share your thoughts!

Browser Extension

Get instant access to AllDevBlogs from your browser

Top of the Week

1
React, useEffect, and Stale Closures: How to Avoid Them with Dependencies and useRef
Jivbcoop 4 votes
2
Better react-hook-form Smart Form Components
Maarten Hus 2 votes
3
AGI, ASI, A*I – Do we have all we need to get there?
John D. Cook 1 votes
4
Quoting Thariq Shihipar
Simon Willison 1 votes
5
Dew Drop – January 15, 2026 (#4583)
Alvin Ashcraft 1 votes
6
Using Browser Apis In React Practical Guide
Jivbcoop 1 votes