Login Sign Up

CVE-2025-43520

7.1 HIGH
Denial of Service

📋 TL;DR

This CVE describes a memory corruption vulnerability in Apple operating systems that could allow a malicious application to cause system crashes or write to kernel memory. It affects multiple Apple platforms including iOS, macOS, watchOS, visionOS, and tvOS. Users running affected versions are vulnerable to potential system instability or privilege escalation.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • watchOS
  • visionOS
  • tvOS
Versions: Versions prior to watchOS 26.1, iOS 18.7.2, iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1, iPadOS 26.1
Operating Systems: Apple iOS, Apple iPadOS, Apple macOS, Apple watchOS, Apple visionOS, Apple tvOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard configurations of affected Apple operating systems are vulnerable. The vulnerability requires a malicious application to be installed and executed.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

Visionos by Apple

View all CVEs affecting Visionos →

Watchos by Apple

View all CVEs affecting Watchos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

A malicious application could achieve kernel-level code execution, potentially leading to full system compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Malicious applications could cause system crashes (denial of service) or achieve limited kernel memory manipulation, potentially leading to privilege escalation.

🟢

If Mitigated

With proper application sandboxing and security controls, impact would be limited to denial of service through system crashes.

🌐 Internet-Facing: LOW with brief explanation
🏢 Internal Only: MEDIUM with brief explanation

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious application to be installed and executed on the target system. No public proof-of-concept has been disclosed at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1

Vendor Advisory: https://support.apple.com/en-us/125632

Restart Required: Yes

Instructions:

1. Open Settings app. 2. Navigate to General > Software Update. 3. Download and install the latest available update. 4. Restart the device when prompted.

🔧 Temporary Workarounds

Application Restriction

all

Restrict installation of untrusted applications to reduce attack surface

Enhanced Monitoring

all

Monitor for unexpected system crashes or abnormal application behavior

🧯 If You Can't Patch

  • Implement strict application allowlisting to prevent installation of untrusted applications
  • Isolate affected devices from critical network segments and monitor for abnormal behavior

🔍 How to Verify

Check if Vulnerable:

Check the operating system version against the affected versions listed in the advisory

Check Version:

On Apple devices: Settings > General > About > Version

Verify Fix Applied:

Verify that the device is running one of the patched versions listed in the fix information

📡 Detection & Monitoring

Log Indicators:

  • Unexpected system crashes or kernel panics
  • Applications attempting to access kernel memory

Network Indicators:

  • No specific network indicators as this is a local vulnerability

SIEM Query:

Search for kernel panic logs or unexpected system restarts on Apple devices

📊 Metadata

CVE ID: CVE-2025-43520
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CWE: CWE-787
EPSS Score: 0.02% exploit probability (3.2th percentile)
Published: December 12, 2025
Last Updated: December 16, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-43520, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)