CVE-2025-43428

🗓️ 17 Dec 2025 20:46:35Reported by appleType

CVE-2025-43428 fixes a configuration issue allowing Hidden Photos without authentication on Apple platforms.

Reporter	Title	Published	Views	Family All 13
Apple	About the security content of visionOS 26.2	12 Dec 202500:00	–	apple
Tenable Nessus	Apple iOS < 26.2 Multiple Vulnerabilities (125884)	12 Dec 202500:00	–	nessus
Tenable Nessus	macOS 26.x < 26.2 Multiple Vulnerabilities (125886)	12 Dec 202500:00	–	nessus
Circl	CVE-2025-43428	16 Dec 202506:48	–	circl
CNNVD	Apple多款产品安全漏洞	17 Dec 202500:00	–	cnnvd
Cvelist	CVE-2025-43428	17 Dec 202520:46	–	cvelist
EUVD	EUVD-2025-203975	17 Dec 202520:46	–	euvd
NCSC	Vulnerabilities fixed in Apple macOS	15 Dec 202509:06	–	ncsc
NCSC	Vulnerabilities fixed in Apple iOS and iPadOS	15 Dec 202509:08	–	ncsc
NVD	CVE-2025-43428	17 Dec 202521:16	–	nvd

NVD

Vulners

Node

apple ipadosRange<26.2

apple iphone_osRange<26.2

apple macosRange<26.2

apple visionosRange<26.2

[
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "26.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "26.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "visionOS",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "26.2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
support	www.support.apple.com/en-us/125886
support	www.support.apple.com/en-us/125891
support	www.support.apple.com/en-us/125884

02 Apr 2026 19:20Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.19.8

EPSS0.00093

SSVC

CWE-306