CVE-2025-46287: An attacker may be able to spoof their FaceTime caller ID in Apple macOS
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An attacker may be able to spoof their FaceTime caller ID.
AI Analysis
Technical Summary
CVE-2025-46287 is a security vulnerability identified in Apple macOS related to FaceTime, Apple's video and audio calling service. The root cause is an inconsistent user interface state management issue that allows an attacker to spoof the FaceTime caller ID. This means an attacker can manipulate the caller ID information displayed to the recipient, making it appear as though the call is coming from a trusted or different source. The vulnerability affects macOS versions prior to the patched releases macOS Sonoma 14.8.3 and macOS Sequoia 15.7.3, though the exact affected versions are unspecified. The flaw was addressed by Apple through improved state management to ensure the caller ID is accurately represented. Exploitation does not require authentication or complex user interaction beyond receiving the call, making it relatively straightforward for an attacker to attempt. While no known exploits are currently reported in the wild, the potential for misuse in social engineering or phishing attacks is significant, as users may be deceived into trusting malicious callers. This vulnerability primarily impacts the confidentiality and integrity of communications by undermining trust in caller identity, potentially leading to unauthorized information disclosure or fraudulent activities. The lack of a CVSS score necessitates an expert severity assessment based on the nature of the vulnerability and its potential consequences.
Potential Impact
For European organizations, this vulnerability poses a risk of social engineering and phishing attacks leveraging caller ID spoofing on FaceTime. Attackers could impersonate trusted contacts, executives, or service providers to extract sensitive information, gain unauthorized access, or conduct fraud. This undermines communication trust and could lead to data breaches, financial loss, or reputational damage. Organizations relying on macOS devices for internal or external communications, especially in sectors like finance, government, and critical infrastructure, are particularly vulnerable. The ease of exploitation without authentication increases the threat surface. Additionally, the potential for targeted attacks against high-profile individuals or departments within European entities could have strategic consequences. The absence of known exploits currently provides a window for proactive mitigation before widespread abuse occurs.
Mitigation Recommendations
European organizations should immediately deploy the security updates macOS Sonoma 14.8.3 and macOS Sequoia 15.7.3 to all affected devices to remediate the vulnerability. IT teams must verify patch deployment through endpoint management tools and ensure no devices remain on vulnerable versions. User education campaigns should emphasize verifying caller identity through secondary channels and exercising caution with unexpected FaceTime calls, especially those requesting sensitive information. Implementing network-level controls to monitor and restrict FaceTime traffic where feasible can reduce exposure. Organizations should also review and enhance incident response plans to address potential social engineering attacks stemming from caller ID spoofing. Regular audits of communication security policies and integration of caller verification technologies can further mitigate risks. Finally, monitoring threat intelligence feeds for emerging exploits related to this vulnerability is recommended to maintain situational awareness.
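One way to carry out the patch-verification step above, as an added example (not part of the advisory and not Apple or vendor tooling): it classifies an exported device inventory against the two fixed releases the advisory names. The CSV layout, hostnames and version values are constructed for illustration; because the advisory does not specify the affected versions, any release outside the 14.x and 15.x trains is reported as not covered rather than guessed at.

```python
import csv
import io

# Fixed releases named in the advisory, keyed by macOS major version.
FIXED = {14: (14, 8, 3), 15: (15, 7, 3)}


def parse_version(text):
    """Return a 3-tuple of ints, padding '15.7' to (15, 7, 0); None if malformed."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))


def classify(version_text):
    """Map a reported macOS version to a patch status for CVE-2025-46287."""
    ver = parse_version(version_text)
    if ver is None:
        return "unparseable"      # inventory gap: follow up by hand
    fixed = FIXED.get(ver[0])
    if fixed is None:
        return "not-covered"      # advisory names no fixed release for this train
    # Tuple comparison is numeric, so 15.7.10 sorts after 15.7.3.
    return "patched" if ver >= fixed else "needs-update"


# Constructed sample export (hostname, reported OS version); not real devices.
SAMPLE_INVENTORY = """hostname,os_version
mac-fin-01,14.8.3
mac-fin-02,14.7.1
mac-eng-01,15.7.3
mac-eng-02,15.7
mac-eng-03,15.7.10
mac-lab-01,13.7.8
mac-lab-02,
"""


def audit(csv_text):
    """Return {hostname: status} for every row of the inventory export."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["hostname"]: classify(r["os_version"] or "") for r in rows}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}\t{status}")
```

Devices reported as `needs-update` or `unparseable` are the ones to chase; `not-covered` devices need a separate check against Apple's own release notes.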
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Norway, Denmark, Finland, Ireland, Switzerland
Technical Details
- Data Version: 5.2
- Assigner Short Name: apple
- Date Reserved: 2025-04-22T21:13:49.959Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 693c8581f55ccbd2c799d98d
Added to database: 12/12/2025, 9:13:37 PM
Last enriched: 12/12/2025, 9:28:49 PM
Last updated: 12/13/2025, 9:54:56 AM