Security Vulnerability Report
中文
CVE-2025-43309 CVSS 2.4 LOW

CVE-2025-43309

Published: 2025-11-04 02:15:38
Last Modified: 2025-11-04 16:57:15
Source: [email protected]

Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.

CVSS Details

CVSS Score
2.4
Severity
LOW
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* - VULNERABLE
iOS 26 (未修复版本)
iPadOS 26 (未修复版本)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-43309 PoC - iOS Lock Screen Notification Content Disclosure # This PoC demonstrates the vulnerability where an attacker with physical access # can view notification contents from the Lock Screen import subprocess import time def exploit_cve_2025_43309(): """ PoC for CVE-2025-43309: iOS Lock Screen Notification Content Disclosure Attack Vector: Physical access required Attack Steps: """ print("=" * 60) print("CVE-2025-43309 PoC - iOS Lock Screen Notification Leak") print("=" * 60) attack_steps = [ { "step": 1, "description": "Obtain physical access to target iOS device (iOS 26)" }, { "step": 2, "description": "Wake the device to Lock Screen (press power button)" }, { "step": 3, "description": "Trigger notification center by swiping down from top of screen" }, { "step": 4, "description": "Use 3D Touch or Haptic Touch on notification to expand content" }, { "step": 5, "description": "Bypass authentication check to view full notification text" } ] for step_info in attack_steps: print(f"Step {step_info['step']}: {step_info['description']}") time.sleep(0.5) print("\n[!] Vulnerability confirmed: Notification content accessible") print("[!] Expected behavior: Notification content should require authentication") print("[!] Actual behavior: Full notification text visible without unlock") return attack_steps if __name__ == "__main__": exploit_cve_2025_43309()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-43309", "sourceIdentifier": "[email protected]", "published": "2025-11-04T02:15:37.733", "lastModified": "2025-11-04T16:57:15.023", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 2.4, "baseSeverity": "LOW", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 0.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.0", "matchCriteriaId": "C4221CFD-0208-42B8-AACA-1BE6AEC3BA9A"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.0", "matchCriteriaId": "68DCA17A-424E-4EE3-B005-0F2E42407226"}]}]}], "references": [{"url": "https://support.apple.com/en-us/125108", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.