CVE-2025-46292

MEDIUM
2025-12-17 [email protected]
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 02, 2026 - 19:37 vuln.today
CVE Published
Dec 17, 2025 - 21:16 nvd
MEDIUM 5.5

Tags

Apple iOS Information Disclosure Ipados Iphone Os

Description

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.

Analysis

Local authenticated applications on iOS and iPadOS can access user-sensitive data due to insufficient entitlement checks, affecting iOS 18.7.2 and earlier and iPadOS 18.7.2 and earlier (as well as iOS 26.1 and iPadOS 26.1 and earlier). An attacker with app installation capability can exploit this vulnerability to bypass privacy controls and exfiltrate protected user information. No public exploit identified at time of analysis, though the 5.5 CVSS score and information disclosure classification indicate moderate real-world risk in targeted attack scenarios.

Technical Context

This vulnerability stems from CWE-284 (Improper Access Control / Insufficient Authorization Checks), a fundamental access control weakness in Apple's iOS and iPadOS security model. The issue occurs when applications request sensitive user data-such as photos, contacts, location, or health information-that are normally protected by entitlements and runtime privacy prompts. The fix involves tightening entitlement validation logic within the OS kernel or core system frameworks, ensuring that applications cannot circumvent the declared capabilities defined in their code signing entitlements. CPE data confirms impact across both iPhone OS (iOS) and iPadOS product lines across multiple version branches, indicating this affects Apple's mobile platform's core authorization mechanism.

Affected Products

Apple iOS versions 18.7.2 and earlier, as well as iOS 26.1 and earlier (cpe:2.3:o:apple:iphone_os). Apple iPadOS versions 18.7.2 and earlier, as well as iPadOS 26.1 and earlier (cpe:2.3:o:apple:ipados). The vulnerability is patched in iOS 18.7.3 and iPadOS 18.7.3, as well as iOS 26.2 and iPadOS 26.2. Detailed security updates are available at Apple support advisory https://support.apple.com/en-us/125884 and https://support.apple.com/en-us/125885.

Remediation

Vendor-released patch: iOS 18.7.3, iPadOS 18.7.3, iOS 26.2, and iPadOS 26.2. Users should immediately apply the latest available iOS or iPadOS version via Settings > General > Software Update on their device. Organizations managing fleets of Apple devices should enforce automatic update policies to ensure timely deployment of this security patch. For environments where immediate patching is constrained, restrict installation of untrusted third-party applications and review installed app permissions in Privacy settings (Settings > Privacy). Refer to Apple security advisories at https://support.apple.com/en-us/125884 and https://support.apple.com/en-us/125885 for comprehensive patch details.

Priority Score

28
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: 0

Share

CVE-2025-46292 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy