Login Sign Up

CVE-2025-43384

4.3 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes an out-of-bounds memory access vulnerability in Apple's media file processing. Attackers can craft malicious media files that cause affected Apple devices to crash or corrupt memory when processed. Users of unpatched Apple devices are affected.

💻 Affected Systems

Products:
  • tvOS
  • macOS
  • iOS
  • iPadOS
  • visionOS
Versions: Versions before tvOS 26.1, macOS Tahoe 26.1, iOS 26.1, iPadOS 26.1, iOS 18.7.2, iPadOS 18.7.2, macOS Sequoia 15.7.2, visionOS 26.1
Operating Systems: Apple tvOS, Apple macOS, Apple iOS, Apple iPadOS, Apple visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected Apple operating systems are vulnerable before patching.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

Visionos by Apple

View all CVEs affecting Visionos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory corruption could potentially lead to arbitrary code execution, though this is not confirmed in the CVE description.

🟠

Likely Case

Application termination (crash) or memory corruption when processing malicious media files.

🟢

If Mitigated

No impact if devices are patched to the fixed versions.

🌐 Internet-Facing: MEDIUM - Malicious media files could be delivered via web, email, or messaging apps.
🏢 Internal Only: LOW - Requires user interaction to open malicious files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious media file. No public exploit code is mentioned.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: tvOS 26.1, macOS Tahoe 26.1, iOS 26.1, iPadOS 26.1, iOS 18.7.2, iPadOS 18.7.2, macOS Sequoia 15.7.2, visionOS 26.1

Vendor Advisory: https://support.apple.com/en-us/125632

Restart Required: Yes

Instructions:

1. Open Settings app. 2. Go to General > Software Update. 3. Download and install the latest available update. 4. Restart device when prompted.

🔧 Temporary Workarounds

Disable automatic media preview

all

Prevent automatic processing of media files in vulnerable applications.

Use trusted media sources only

all

Only open media files from trusted sources and avoid unknown files.

🧯 If You Can't Patch

  • Restrict media file processing to trusted applications only
  • Implement application sandboxing to limit potential damage

🔍 How to Verify

Check if Vulnerable:

Check current OS version against affected versions list.

Check Version:

Settings > General > About > Version (iOS/iPadOS) or About This Mac > macOS Version

Verify Fix Applied:

Verify OS version matches or exceeds the patched versions listed.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs related to media processing
  • Memory access violation errors in system logs

Network Indicators:

  • Unusual media file downloads from untrusted sources

SIEM Query:

Search for process crashes with media-related executables or memory access violations.

📊 Metadata

CVE ID: CVE-2025-43384
CVSS v3 Score: 4.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CWE: CWE-125
EPSS Score: 0.05% exploit probability (16.7th percentile)
Published: November 4, 2025
Last Updated: December 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-43384, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)