Insufficient UI Warning of Dangerous Operations in Apple iOS and iPadOS - CVE-2025-43360
Published: November 4, 2025
Vulnerability identifier: #VU118083
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-43360
CWE-ID: CWE-357
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Apple Inc.
Affected software:
Apple iOS
iPadOS
Apple iOS
iPadOS
Detailed vulnerability description
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to an UI issue in Authentication Services leading to password fields being unintentionally revealed. An attacker with physical access to device can view passwords.
How to mitigate CVE-2025-43360
Install updates from vendor's website.