CVE-2025-46287
📋 TL;DR
This CVE describes a FaceTime caller ID spoofing vulnerability in Apple operating systems. An attacker can manipulate the caller ID displayed during FaceTime calls, potentially tricking users into answering calls from malicious actors. The vulnerability affects multiple Apple platforms including iOS, iPadOS, macOS, watchOS, and visionOS.
💻 Affected Systems
- FaceTime
📦 What is this software?
macOS by Apple
macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...
⚠️ Risk & Real-World Impact
Worst Case
Successful social engineering attacks leading to financial fraud, data theft, or unauthorized access through impersonation of trusted contacts or institutions.
Likely Case
Users being tricked into answering calls from unknown parties, potentially leading to phishing attempts, harassment, or minor privacy violations.
If Mitigated
Users remain suspicious of unexpected calls and verify identities through secondary channels, minimizing successful exploitation.
🎯 Exploit Status
Exploitation requires initiating a FaceTime call and manipulating caller ID information. No authentication is required to initiate calls to vulnerable devices.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2
Vendor Advisory: https://support.apple.com/en-us/125884
Restart Required: Yes
Instructions:
1. Open the Settings app.
2. Navigate to General > Software Update.
3. Download and install the latest available update.
4. Restart the device when prompted.
🔧 Temporary Workarounds
Disable FaceTime
Temporarily disable FaceTime functionality to prevent exploitation
Settings > FaceTime > Toggle FaceTime OFF
Enable Silence Unknown Callers
Configure the device to automatically silence calls from unknown numbers
Settings > Phone > Silence Unknown Callers > Toggle ON
🧯 If You Can't Patch
- Educate users to verify caller identity through secondary channels before sharing sensitive information
- Implement policy requiring video confirmation for sensitive FaceTime communications
🔍 How to Verify
Check if Vulnerable:
Compare the current OS version against the patched versions listed above. If the device is running a version earlier than the patched version for its release branch, it is vulnerable.
Check Version:
Settings > General > About > Software Version
Verify Fix Applied:
Verify OS version matches or exceeds the patched versions: watchOS 26.2+, macOS Sonoma 14.8.3+, iOS 18.7.3+, iPadOS 18.7.3+, iOS 26.2+, iPadOS 26.2+, macOS Tahoe 26.2+, macOS Sequoia 15.7.3+, visionOS 26.2+
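The version check above, written out as an added Python helper that is not part of this advisory: it encodes the advisory's patched versions per release branch (macOS 14/15/26, iOS and iPadOS 18/26, watchOS and visionOS 26) and compares a reported version only within its own branch, because a higher number on a different branch (macOS 15.0 is newer than 14.8.3) does not mean the fix is present. The product names, the status strings, and the treatment of branches the advisory does not list are this example's own assumptions.

```python
import platform
from typing import Dict, Tuple

# Minimum fixed version per product and release branch (major version),
# taken from the advisory's "Patch Version" list for CVE-2025-46287.
FIXED: Dict[str, Dict[int, str]] = {
    "macOS":    {14: "14.8.3", 15: "15.7.3", 26: "26.2"},
    "iOS":      {18: "18.7.3", 26: "26.2"},
    "iPadOS":   {18: "18.7.3", 26: "26.2"},
    "watchOS":  {26: "26.2"},
    "visionOS": {26: "26.2"},
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '15.7.3' into (15, 7, 3); anything after the first space (a build tag) is ignored."""
    core = text.strip().split()[0]
    return tuple(int(part) for part in core.split("."))


def padded(parts: Tuple[int, ...], width: int = 4) -> Tuple[int, ...]:
    """Right-pad with zeros so that '26.2' and '26.2.0' compare as equal."""
    return parts + (0,) * (width - len(parts))


def assess(product: str, version: str) -> str:
    """Classify a reported OS version against the advisory's fixed versions.

    Returns one of (status strings are this example's assumption):
      'patched'        - at or above the fixed version for its branch
      'vulnerable'     - on a listed branch but below the fixed version
      'no-fix-listed'  - older branch that the advisory gives no fix for
      'unknown-product'
    """
    branches = FIXED.get(product)
    if branches is None:
        return "unknown-product"
    ver = padded(parse_version(version))
    major = ver[0]
    if major in branches:
        fixed = padded(parse_version(branches[major]))
        # Comparison stays inside the device's own branch.
        return "patched" if ver >= fixed else "vulnerable"
    if major > max(branches):
        # Assumption: a major release newer than any listed carries the fix.
        return "patched"
    # Assumption: an older branch with no listed fix must be upgraded, so flag it.
    return "no-fix-listed"


def local_macos_status() -> str:
    """Assess the Mac this runs on; returns 'not-macos' elsewhere.

    Assumes platform.mac_ver() reports the real marketing version (modern Python builds do).
    """
    reported = platform.mac_ver()[0]
    if not reported:
        return "not-macos"
    return assess("macOS", reported)


if __name__ == "__main__":
    # Constructed sample readings, as a fleet inventory might report them.
    for product, version in [("macOS", "15.0"), ("macOS", "14.8.3"), ("iOS", "18.7.2")]:
        print(product, version, "->", assess(product, version))
    print("this host ->", local_macos_status())
```

Feed it the values from Settings > General > About > Software Version (or an MDM inventory export) rather than trusting a single "latest version" number across the fleet; the branch split is what makes a naive numeric comparison wrong.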
📡 Detection & Monitoring
Log Indicators:
- Unusual FaceTime call patterns
- Calls from unexpected contacts
Network Indicators:
- FaceTime traffic with spoofed caller information
SIEM Query:
Event logs showing FaceTime calls with mismatched caller ID information