PT-2026-27525 · Apple · Ipados+2
Published
2026-03-24
·
Updated
2026-04-15
·
CVE-2025-43534
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 18.7.7
iPadOS versions prior to 18.7.7
iOS version 26.2
iPadOS version 26.2
Description
A path handling issue exists due to improved validation. This may allow a user with physical access to bypass Activation Lock. The issue is related to access control flaws in the iTunes Store component of iPadOS and iOS.
Recommendations
Update to iOS 18.7.7 or later.
Update to iPadOS 18.7.7 or later.
Update to iOS 26.2.
Update to iPadOS 26.2.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ios
Ipados
Itunes Store