CVE-2025-43350

LOW

iPadOS < 26.1 - Unprotected User Data Exposure via Lock Screen

Title source: llm
STIX 2.1

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker may be able to view restricted content from the lock screen.

References (1)

Core 1
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/125632

Scores

CVSS v3 2.4
EPSS 0.0018
EPSS Percentile 7.4%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-276
Status published
Products (3)
Apple/iOS and iPadOS < 26.1
apple/ipados < 26.1
apple/iphone_os < 26.1
Published Nov 04, 2025
Tracked Since Feb 18, 2026