CVE-2025-43309

Published: Nov 4, 2025Modified: Nov 4, 2025

2.4

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 0.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.

Affected (2)

Products: Apple: Ipados, Iphone Os

Apple

2 products

Ipados

Iphone Os

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 26.0
Apple Iphone Os	Before 26.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (1)

https://support.apple.com/en-us/125108

Source: product-security@apple.com

Release NotesVendor Advisory

Timeline

No history available yet.