CVE-2025-43422

Medium

4.6/10

Summary

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Nov 04, 2025

CVE-2025-43422

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS