Description
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.
Published: 2025-09-15
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Confidentiality Disclosure via Physical Access to Cached Notes
Action: Patch
AI Analysis

Impact

The vulnerability stems from improper cache handling in iOS and iPadOS. An attacker with physical access to an unlocked device can retrieve an image that was previously viewed in a locked note, which exposes private image content and compromises user confidentiality. The flaw is classified as CWE-922 (Insecure Storage of Sensitive Information), which here takes the form of cached data leakage.

Affected Systems

Apple iOS and iPadOS devices are affected if they run a version prior to iOS 18.7, iPadOS 18.7, iOS 26, or iPadOS 26. The official fix was integrated in those update releases, so any device operating on older firmware inherits the vulnerability.

Risk and Exploitability

The CVSS score of 4.0 indicates moderate severity, while an EPSS score of less than 1% suggests a very low probability of exploitation. The flaw is exploitable only when the attacker has physical possession of an unlocked device, so it cannot be reached remotely. The vulnerability is not listed in the CISA KEV catalog, which is consistent with its low current exploitation risk. Nevertheless, any device that remains on affected firmware should be upgraded immediately to mitigate the confidentiality risk.

Generated by OpenCVE AI on April 28, 2026 at 00:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device to iOS 18.7 or later
  • Upgrade to iPadOS 18.7 or later
  • Restart the device after applying the update to clear any remaining cached data

Advisories
Source: EUVD
ID: EUVD-2025-29344
Title: The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.

History

Tue, 28 Apr 2026 00:45:00 +0000

Type Values Removed Values Added
Title Cache Handling Leading to Note Image Disclosure with Physical Access

Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values Removed: The issue was addressed with improved handling of caches. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.
Values Added: The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.

Tue, 04 Nov 2025 01:45:00 +0000

Type: Description
Values Removed: The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.
Values Added: The issue was addressed with improved handling of caches. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.

Mon, 03 Nov 2025 19:30:00 +0000


Wed, 17 Sep 2025 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple iphone Os
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Vendors & Products Apple iphone Os

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Vendors & Products Apple
Apple ios
Apple ipados

Tue, 16 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-922
Metrics cvssV3_1

{'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 15 Sep 2025 22:45:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:08:37.341Z

Reserved: 2025-04-16T15:24:37.088Z

Link: CVE-2025-43203

Vulnrichment

Updated: 2025-11-03T18:09:38.169Z

NVD

Status: Modified

Published: 2025-09-15T23:15:30.477

Modified: 2026-04-02T19:20:04.020

Link: CVE-2025-43203

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T00:30:15Z

Weaknesses