CVE-2025-43502_CVE-2025-43502

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. An app may be able to bypass certain Privacy preferences.

Basic Information

ID CVE-2025-43502

Source apple

Published Nov 4, 2025 at 01:17

Modified Nov 4, 2025 at 14:47

Affected Product

Vendor Apple

Product Safari

Version unspecified

Affected Versions Apple Safari unspecified
Apple visionOS unspecified
Apple iOS and iPadOS unspecified

CWE Classification

CWE-284

References

{
    "lastseen": "",
    "description": "A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. An app may be able to bypass certain Privacy preferences.",
    "published": "2025-11-04T01:17:52.851Z",
    "modified": "2025-11-04T14:47:59.138Z",
    "type": "cve",
    "title": "CVE-2025-43502",
    "source": "apple",
    "references": "https://support.apple.com/en-us/125640\nhttps://support.apple.com/en-us/125638\nhttps://support.apple.com/en-us/125632",
    "id": "CVE-2025-43502",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Apple Safari unspecified\nApple visionOS unspecified\nApple iOS and iPadOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Safari",
    "version": "unspecified",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}