CVE-2025-46287

Опубликовано: 12 дек. 2025

Источник: nvd

CVSS3: 6.5

CVSS3: 9.8

EPSS Низкий

Описание

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2. An attacker may be able to spoof their FaceTime caller ID.

Ссылки

https://support.apple.com/en-us/125884
https://support.apple.com/en-us/125885
https://support.apple.com/en-us/125886
https://support.apple.com/en-us/125887
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125888
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125890
https://support.apple.com/en-us/125891

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.8.3 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.7.3 (исключая)

EPSS

Процентиль: 20%

0.00063

Низкий

6.5 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-451

Связанные уязвимости

GHSA-mwm2-pvv7-x7ch

CVSS3: 6.5

github

около 2 месяцев назад

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An attacker may be able to spoof their FaceTime caller ID.

EPSS

Процентиль: 20%

0.00063

Низкий

6.5 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-451