Description
The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection.
Published: 2025-11-04
Score: 4.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Disabling Stolen Device Protection
Action: Apply patch
AI Analysis

Impact

An attacker who has physical access to an Apple phone or tablet could circumvent the Stolen Device Protection feature, making it possible for a stolen device to be fully operational. The vulnerability arises from missing safeguards that were added in a later update, allowing the authentication requirement to be bypassed. The weakness corresponds to CWE‑288, an authentication failure that undermines device security integrity.

Affected Systems

Apple’s iOS and iPadOS operating systems are affected. Devices running any version prior to the combined 26.1 release lack the protective logic and are vulnerable. Apple addressed the issue in iOS 26.1 and iPadOS 26.1.

Risk and Exploitability

The CVSS score of 4.6 indicates a moderate severity, while the EPSS score of less than 1% reflects a very low probability of exploitation at present. The vulnerability is not listed in CISA’s KEV catalog. Because the flaw requires physical possession of the device, the anticipated attack vector is a local, in‑person compromise rather than remote.

Generated by OpenCVE AI on April 22, 2026 at 21:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device to iOS 26.1 or later or to the equivalent iPadOS 26.1 version
  • Verify that Stolen Device Protection is enabled through Settings > Privacy
  • If the device is managed, use Mobile Device Management to enforce the protection setting and monitor compliance

Generated by OpenCVE AI on April 22, 2026 at 21:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://support.apple.com/en-us/125632 cve-icon cve-icon
History

Wed, 22 Apr 2026 22:00:00 +0000

Type Values Removed Values Added
Title Disabling Stolen Device Protection via Physical Access on Apple Devices

Mon, 01 Dec 2025 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-288

Wed, 05 Nov 2025 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple iphone Os
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Vendors & Products Apple iphone Os

Tue, 04 Nov 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Vendors & Products Apple
Apple ios
Apple ipados

Tue, 04 Nov 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.6, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection.
References

Subscriptions

Apple Ios Ipados Iphone Os
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:15:51.321Z

Reserved: 2025-04-16T15:24:37.123Z

Link: CVE-2025-43422

cve-icon Vulnrichment

Updated: 2025-11-04T15:34:53.344Z

cve-icon NVD

Status : Modified

Published: 2025-11-04T02:15:48.087

Modified: 2025-12-01T20:15:50.953

Link: CVE-2025-43422

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T21:45:06Z

Weaknesses