Information disclosure in Apple iOS and iPadOS - CVE-2025-43460
Published: November 4, 2025
Vulnerability identifier: #VU118069
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-43460
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Apple Inc.
Affected software:
Apple iOS
iPadOS
Apple iOS
iPadOS
Detailed vulnerability description
The vulnerability allows an attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper checks in Status Bar. An attacker with physical access to a locked device may be able to view sensitive user information.
How to mitigate CVE-2025-43460
Install updates from vendor's website.