CVE-2025-43423

low-risk

Published 2025-11-04

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, visionOS 26.1. An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive user information in system logging.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 2.0/10 Low

PHYSICAL / HIGH complexity

Affected Products (4)

Ipados

Iphone Os

Macos

Visionos

Affected Vendors

Apple

References (5)

https://support.apple.com/en-us/125632

https://support.apple.com/en-us/125633

https://support.apple.com/en-us/125634

https://support.apple.com/en-us/125635

https://support.apple.com/en-us/125638

/ 100

low-risk

Severity 5/34 · Minimal

Exploitability 0/34 · Minimal

Exposure 10/34 · Low