CVE-2025-43294

CVSS 3.3 LOWEPSS 0.2%CWE-284

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26, tvOS 26.1, watchOS 26.1. An app may be able to access sensitive user data.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Produtos afetados

Apple · iOS and iPadOS Apple · macOS Apple · tvOS Apple · watchOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://seclists.org/fulldisclosure/2025/Sep/53 https://support.apple.com/en-us/125110 https://support.apple.com/en-us/125632 https://support.apple.com/en-us/125637 https://support.apple.com/en-us/125639