CVE-2025-43230

MEDIUM

4.0

Beschreibung

The issue was addressed with additional permissions checks. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to access user-sensitive data.

CVE Details

CVSS v3.1 Bewertung4.0

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht7/30/2025

Zuletzt geandert4/2/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apple:ipadosapple:iphone_osapple:macosapple:tvosapple:visionosapple:watchos

Schwachen (CWE)

CWE-863

Referenzen

https://support.apple.com/en-us/124147(product-security@apple.com)

https://support.apple.com/en-us/124148(product-security@apple.com)

https://support.apple.com/en-us/124149(product-security@apple.com)

https://support.apple.com/en-us/124153(product-security@apple.com)

https://support.apple.com/en-us/124154(product-security@apple.com)

https://support.apple.com/en-us/124155(product-security@apple.com)

http://seclists.org/fulldisclosure/2025/Jul/30(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2025/Jul/31(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2025/Jul/32(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2025/Jul/35(af854a3a-2127-422b-91ae-364da2661108)

http://seclists.org/fulldisclosure/2025/Jul/37(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.