CVE-2025-43494

7.5 HIGH

📋 TL;DR

A mail header parsing vulnerability in Apple operating systems allows attackers to cause persistent denial-of-service conditions. This affects users of iOS, iPadOS, macOS, watchOS, and visionOS who process email messages. The vulnerability stems from improper input validation when parsing mail headers.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • watchOS
  • visionOS
Versions: Versions prior to watchOS 26.1, iOS 18.7.2, iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1, iPadOS 26.1
Operating Systems: iOS, iPadOS, macOS, watchOS, visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: All systems with mail processing capabilities are vulnerable in default configurations.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Permanent disruption of mail services requiring system reinstallation or restoration from backup.

🟠 Likely Case: Mail application crashes or becomes unresponsive until system restart.

🟢 If Mitigated: Minimal impact with proper email filtering and updated systems.

🌐 Internet-Facing: MEDIUM - Attackers can send malicious emails to trigger the vulnerability.
🏢 Internal Only: LOW - Requires email processing capability which is typically internet-facing.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending specially crafted email messages to vulnerable systems.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1

Vendor Advisory: https://support.apple.com/en-us/125632

Restart Required: Yes

Instructions:

1. Open Settings app.
2. Navigate to General > Software Update.
3. Download and install the latest available update.
4. Restart the device when prompted.

🔧 Temporary Workarounds

Disable Mail Processing

all

Temporarily disable mail applications or services to prevent exploitation.

Email Filtering

all

Implement email gateway filtering to block suspicious or malformed email headers.

🧯 If You Can't Patch

  • Implement network-level email filtering to block malicious messages
  • Restrict email access to trusted sources only

🔍 How to Verify

Check if Vulnerable:

Find the system version in Settings > General > About and check it against the affected versions list.

Check Version:

On macOS: sw_vers. On iOS/iPadOS: Settings > General > About > Version.

Verify Fix Applied:

Verify system version matches or exceeds patched versions listed in the advisory.
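
An added example (not from the vendor advisory and not part of this page's original content): a shell check that compares an OS name and version against the fixed releases listed under Patch Version. The function names are hypothetical, and treating any release numbered 26.1 or higher on an unlisted branch as fixed is an assumption.

```shell
#!/bin/sh
# Added example: compare an OS version with the fixed releases listed on this page.

# ver_ge A B: succeeds when dotted version A >= B (missing fields count as 0).
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# fixed_for OS VERSION: print the first fixed release for that OS branch,
# using only the versions from the "Patch Version" list.
fixed_for() {
    major=${2%%.*}
    case "$1:$major" in
        macOS:14)         echo 14.8.2 ;;   # macOS Sonoma
        macOS:15)         echo 15.7.2 ;;   # macOS Sequoia
        iOS:18|iPadOS:18) echo 18.7.2 ;;
        # Branch 26 of every product. Any other branch has no fix of its own
        # on the page, so it is also measured against 26.1 (assumption).
        *)                echo 26.1 ;;
    esac
}

# check_fix OS VERSION: print "patched", "vulnerable" or "unknown".
check_fix() {
    os=$1 ver=$2
    case "$os" in
        macOS|iOS|iPadOS|watchOS|visionOS) ;;
        *) echo unknown; return ;;
    esac
    # Reject empty input and anything that is not digits and dots.
    case "$ver" in ''|*[!0-9.]*) echo unknown; return ;; esac
    if ver_ge "$ver" "$(fixed_for "$os" "$ver")"; then
        echo patched
    else
        echo vulnerable
    fi
}

# On a Mac, check the running system. For other devices, pass the values shown
# in Settings > General > About, for example: check_fix iOS 18.7.1
if command -v sw_vers >/dev/null 2>&1; then
    v=$(sw_vers -productVersion)
    echo "macOS $v: $(check_fix macOS "$v")"
fi
```

The comparison is numeric per field, so 18.10 is correctly treated as newer than 18.7.2.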

📡 Detection & Monitoring

Log Indicators:

  • Mail application crash logs
  • System logs showing mail service failures
  • Repeated mail process restarts

Network Indicators:

  • Unusual email traffic patterns
  • Emails with malformed headers

SIEM Query:

source="mail.log" AND ("crash" OR "segfault" OR "denial of service")
