Logic Flaw in iOS and iPadOS Allowing Unauthorized Notification Access
CVE-2025-43309

2.4LOW

Key Information:

Vendor: Apple
Status: iOS And iPad OS
Vendor: CVE Published:; 4 November 2025

What is CVE-2025-43309?

A security flaw has been identified in iOS 26 and iPadOS 26, which allows individuals with physical access to the device to potentially view sensitive notification contents directly from the Lock Screen. This vulnerability underscores the importance of strengthening access controls to prevent unauthorized data exposure.

Affected Version(s)

iOS and iPadOS < 26

References

https://support.apple.com/en-us/125108

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Apple

What is CVE-2025-43309?

Affected Version(s)

References

CVSS V3.1

Timeline