Permissions Issue in Apple Operating Systems Affecting User Data Access
CVE-2025-43317

5.5MEDIUM

Key Information:

Vendor: Apple
Status: iOS And iPad OS; TV OS; Visionos; Watch OS
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-43317?

A permissions issue has been identified across several Apple operating systems that could potentially allow applications to access sensitive user data without proper authorization. This vulnerability has been addressed in the latest versions of tvOS, watchOS, visionOS, macOS, iOS, and iPadOS, ensuring users are better protected against unauthorized data access.

Affected Version(s)

iOS and iPadOS < 26

macOS < 26

tvOS < 26

References

https://support.apple.com/en-us/125108

https://support.apple.com/en-us/125114

https://support.apple.com/en-us/125115

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Apr 16, 2025

JSON