{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43418", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:24:37.123Z", "datePublished": "2025-11-05T18:33:35.485Z", "dateUpdated": "2026-04-02T18:15:26.401Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker with physical access to a locked device may be able to view sensitive user information"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.7.2", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information."}], "references": [{"url": "https://support.apple.com/en-us/125632"}, {"url": "https://support.apple.com/en-us/125633"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:15:26.401Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-11-05T18:50:49.239281Z", "id": "CVE-2025-43418", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-05T18:50:52.441Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43418", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-05T18:50:49.239281Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-05T18:50:39.935Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "18.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125632"}, {"url": "https://support.apple.com/en-us/125633"}], "descriptions": [{"lang": "en", "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker with physical access to a locked device may be able to view sensitive user information"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-12-17T20:46:46.802Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43418", "state": "PUBLISHED", "dateUpdated": "2025-12-17T20:46:46.802Z", "dateReserved": "2025-04-16T15:24:37.123Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-11-05T18:33:35.485Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "819E8F86-A336-49A2-853F-249459279A59", "versionEndExcluding": "18.7.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B98B4A6-EFB0-4651-BF56-06917E7CEC85", "versionEndExcluding": "18.7.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information."}], "id": "CVE-2025-43418", "lastModified": "2025-12-17T21:16:00.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-11-05T19:15:53.653", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/125632"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125633"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:56:44.114756+00:00", "value": {"mitigation_remediation": ["Upgrade the device to iOS\u202f18.7.2 or later, or to iPadOS\u202f18.7.2 or later (also available in iOS\u202f26.1 / iPadOS\u202f26.1)", "If an upgrade is not possible, remove physical access to the device or place it in a secure, monitored location", "Where device\u2011management tools are available, disable unnecessary lock\u2011screen options or enforce passcode restrictions to reduce the attack surface"], "summary": {"action": "Immediate Patch", "impact": "Sensitive user information disclosure"}, "threat_synthesis": {"affected_systems": "Apple iOS and iPadOS devices are affected. The issue persists in any operating system release before iOS\u202f18.7.2, iPadOS\u202f18.7.2, iOS\u202f26.1 or iPadOS\u202f26.1. Versions released after these updates contain the fix.", "description_and_impact": "This vulnerability allows an attacker who has physical access to a locked Apple device to view sensitive user information. The flaw occurs because the lock screen still presents options that expose data, representing an improper access control weakness (CWE\u2011284). The impact is limited to information disclosure, with no remote execution or denial\u2011of\u2011service effect described.", "risk_and_exploitability": "The CVSS score of 4.6 indicates moderate severity, and the EPSS score of less than 1\u2009% shows a very low probability of exploitation. The vulnerability is not listed in CISA\u2019s KEV catalog. Attackers must physically access the locked device and the affected option must be visible on the lock screen, confining the risk to environments where the device is left unattended or where an attacker can gain nearby access."}}}}, "created": "2025-11-06T10:06:53.943270+00:00", "title": "Physical Access to Locked Device Allows Sensitive Information Disclosure", "updated": "2026-04-27T23:00:13.991627+00:00", "vendors": ["apple", "apple$PRODUCT$ios", "apple$PRODUCT$ipad_os"]}