Security Vulnerability Report
中文
CVE-2025-43459 CVSS 4.6 MEDIUM

CVE-2025-43459

Published: 2025-11-04 02:15:51
Last Modified: 2025-11-04 17:50:59
Source: [email protected]

Description

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail.

CVSS Details

CVSS Score
4.6
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* - VULNERABLE
Apple Watch watchOS < 26.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-43459 PoC - Apple Watch Live Voicemail Bypass # Description: Physical access to locked Apple Watch allows viewing Live Voicemail # CVSS: 4.6 (MEDIUM) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N """ This PoC describes the attack steps for CVE-2025-43459. Note: This vulnerability requires physical access to the target device. Attack Steps: 1. Obtain physical access to a locked Apple Watch 2. Navigate to the Watch face or home screen 3. Access the Phone/Voicemail application 4. Look for Live Voicemail indicator or notification 5. Tap/interact with the Live Voicemail to view its content 6. The voicemail content is displayed despite device being locked Mitigation: - Update to watchOS 26.1 or later - Enable Find My feature for lost device protection - Avoid leaving Apple Watch unattended in public places """ # Example verification steps (requires physical device) def verify_vulnerability(watch_version): """Check if device is vulnerable""" vulnerable_versions = ['26.0', '25.x', '24.x'] # versions before 26.1 return any(watch_version.startswith(v) for v in vulnerable_versions) # Defense recommendation def get_recommendation(): return "Upgrade to watchOS 26.1 or later to patch CVE-2025-43459"

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-43459", "sourceIdentifier": "[email protected]", "published": "2025-11-04T02:15:51.313", "lastModified": "2025-11-04T17:50:59.190", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.6, "baseSeverity": "MEDIUM", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 0.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-863"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.1", "matchCriteriaId": "9F9D7F76-13FB-407C-94E5-221B93021568"}]}]}], "references": [{"url": "https://support.apple.com/en-us/125639", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.