An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. An app may be able to access sensitive user data.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/125632 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125635 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125636 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125638 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Nov 2025, 19:06
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
|
| First Time |
Apple visionos
Apple Apple macos Apple iphone Os Apple ipados |
|
| References | () https://support.apple.com/en-us/125632 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125635 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125636 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125638 - Release Notes, Vendor Advisory |
04 Nov 2025, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-284 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
04 Nov 2025, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-11-04 02:15
Updated : 2025-11-04 19:06
NVD link : CVE-2025-43498
Mitre link : CVE-2025-43498
CVE.ORG link : CVE-2025-43498
JSON object : View
Products Affected
apple
- ipados
- macos
- iphone_os
- visionos
CWE
CWE-284
Improper Access Control