CVE-2025-43346
📊 5.5 MEDIUM⚡ 0.0%🎯 0 exploits
📅 Published Sep 15, 2025
📋 Status: Modified
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, iOS 18.7 and iPadOS 18.7, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0
🎯 Affected Products & Systems
6 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
💻OS | apple | ipados | < 18.7 | Vulnerable | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
💻OS | apple | iphone os | < 18.7 | Vulnerable | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
💻OS | apple | macos | < 26.0 | Vulnerable | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
💻OS | apple | tvos | < 26.0 | Vulnerable | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* |
💻OS | apple | visionos | < 26.0 | Vulnerable | cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
💻OS | apple | watchos | < 26.0 | Vulnerable | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
Version: < 18.7
CPE:
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Version: < 26.0
CPE:
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
6 products•scroll for more
Metrics
5.5 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
NONE
User Interaction:
REQUIRED
Confidentiality:
NONE
Integrity:
NONE
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
5.5 (MEDIUM)v3.1
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
EPSS Details
0.0% (Minimal)1.4th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Sep 15, 2025 (1 month ago)
Last Modified
Sep 25, 2025 (1 month ago)
Security Weaknesses1
CWE-125
References7
NVDgeneralgeneral+4