CVE-2025-43408

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-43408

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-43408.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-43408

Published

2025-11-04T02:15:47.217Z

Modified

2026-03-14T08:45:31.714287Z

Severity

2.4 (Low) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An attacker with physical access may be able to access contacts from the lock screen.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "14.8.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "15.0"
            },
            {
                "fixed": "15.7.2"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-43408.json"