CVE-2025-43357

low

Published 2025-09-15 · Modified 2026-05-26

CVSS v3

3.3

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CVSS v2

—

VIR risk

3.3

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to fingerprint the user.

Predictions

Exploit likelihood

34%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: product-security@apple.com — https://support.apple.com/en-us/125108

OS impact

OS	Version	Status	Fixed in
macos		affected	`26.0`

References

https://support.apple.com/en-us/125108
https://support.apple.com/en-us/125109
https://support.apple.com/en-us/125110
https://support.apple.com/en-us/125111
https://support.apple.com/en-us/125112
http://seclists.org/fulldisclosure/2025/Sep/49
http://seclists.org/fulldisclosure/2025/Sep/53

CWEs

CWE-359

Verify integrity in audit chain (admin only). AS-IS.