CVE-2025-43372
📊 7.8 HIGH⚡ 0.1%🎯 1 exploits
📅 Published Sep 15, 2025
📋 Status: Analyzed
The issue was addressed with improved input validation. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
CVSS v3.1 • NVD
🎯 Affected Products & Systems
6 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
💻OS | apple | ipados | < 26.0 | Vulnerable | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
💻OS | apple | iphone os | < 26.0 | Vulnerable | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
💻OS | apple | macos | < 26.0 | Vulnerable | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
💻OS | apple | tvos | < 26.0 | Vulnerable | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* |
💻OS | apple | visionos | < 26.0 | Vulnerable | cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
💻OS | apple | watchos | < 26.0 | Vulnerable | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
Version: < 26.0
CPE:
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Version: < 26.0
CPE:
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
6 products•scroll for more
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
NONE
User Interaction:
REQUIRED
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
7.8 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)25.4th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Sep 15, 2025 (1 month ago)
Last Modified
Sep 30, 2025 (1 month ago)
Security Weaknesses2
CWE-20
Available exploits (1)
References6
NVDgeneralgeneral+3