Info Disclosure in Apple iOS 26.1/iPadOS 26.1 Allowing User Fingerprinting
CVE-2025-43437 Published on December 12, 2025
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in iOS 26.1 and iPadOS 26.1. An app may be able to fingerprint the user.
Vulnerability Analysis
CVE-2025-43437 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2025-43437 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2025-43437
stack.watch emails you whenever new vulnerabilities are published in Apple Ios And Ipados or Apple iOS. Just hit a watch button to start following.
Affected Versions
Apple iOS and iPadOS:- Version unspecified and below 26.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.