EUVD-2025-208977

| CVE-2025-43534 MEDIUM
2026-03-25 apple
6.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 25, 2026 - 01:00 euvd
EUVD-2025-208977
Analysis Generated
Mar 25, 2026 - 01:00 vuln.today
CVE Published
Mar 25, 2026 - 00:35 nvd
MEDIUM 6.8

Tags

Apple Authentication Bypass iOS

Description

A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to bypass Activation Lock.

Analysis

A path handling vulnerability in iOS and iPadOS allows users with physical access to an iOS device to bypass Activation Lock through improved validation gaps in path handling logic. This authentication bypass affects iOS versions prior to 18.7.7 and 26.2, as well as corresponding iPadOS releases. While no CVSS score or EPSS data is publicly available, the physical access requirement and authentication bypass nature indicate a meaningful risk to device security and stolen device protection.

Technical Context

The vulnerability stems from inadequate path validation in iOS and iPadOS's Activation Lock mechanism, which is the authentication framework preventing unauthorized access to Apple devices after factory reset. The affected technology involves the device's path handling routines (likely within the boot or authentication subsystem) that fail to properly validate or sanitize file paths during the lock verification process. Per CPE designation (cpe:2.3:a:apple:ios_and_ipados), this affects the core iOS and iPadOS operating system rather than a discrete application component. While no explicit CWE is assigned, this aligns with CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) or CWE-434 (Unrestricted Upload of File with Dangerous Type), indicating insufficient path canonicalization or validation logic.

Affected Products

Apple iOS and iPadOS versions prior to 18.7.7 and 26.2 are affected, as confirmed by CPE designation cpe:2.3:a:apple:ios_and_ipados. The vulnerability impacts all users running iOS or iPadOS releases before these security updates. Apple has issued security advisories documenting the fix in iOS 18.7.7, iPadOS 18.7.7, iOS 26.2, and iPadOS 26.2. Detailed patch information and affected version ranges are documented in Apple support articles 125884 and 126793 (https://support.apple.com/en-us/125884 and https://support.apple.com/en-us/126793).

Remediation

Immediately update iOS or iPadOS to version 18.7.7 or 26.2 or later via Settings > General > Software Update. For organizations managing iOS devices, deploy mandatory mobile device management (MDM) policies enforcing automatic security updates and restrict physical device access to authorized personnel only. Until patching is complete, enable additional security measures such as longer alphanumeric Activation Lock credentials, two-factor authentication on associated Apple ID accounts, and physical device monitoring to prevent unauthorized possession. Users should also enable Find My iPhone and ensure their Apple ID password is unique and secure to prevent credential-based Activation Lock bypass attempts that may accompany this vulnerability. Refer to Apple's official security advisories at https://support.apple.com/en-us/125884 and https://support.apple.com/en-us/126793 for detailed update instructions.

Priority Score

34
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +34
POC: 0

Share

EUVD-2025-208977 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy