Inconsistent User Interface Issue in macOS Products by Apple
CVE-2025-46287

9.8CRITICAL

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Mac OS; Visionos; Watch OS
Vendor: CVE Published:; 12 December 2025

What is CVE-2025-46287?

An issue has been identified in Apple’s macOS products related to inconsistent user interface management, which could allow an attacker to spoof their FaceTime caller ID. This vulnerability may lead to privacy concerns for users, as it undermines the trust associated with caller identification in FaceTime. Apple has addressed this issue in the latest versions of macOS Sonoma and Sequoia, enhancing state management to prevent such spoofing attempts. Users are encouraged to update their systems to the latest versions to safeguard against this vulnerability.

Affected Version(s)

iOS and iPadOS < 18.7

iOS and iPadOS < 26.2

macOS < 14.8

References

https://support.apple.com/en-us/125885

https://support.apple.com/en-us/125888

https://support.apple.com/en-us/125884

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2025
Vulnerability Reserved
Apr 22, 2025

JSON