CVE-2025-43210

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write12 documents5 sources

Severity

6.3MEDIUM

EPSS

0.0%

top 93.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Ipados Apple Macos +4 more

Timeline

PublishedApr 2

Description

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages12 packages

▶CVEListV5apple/macos< 13.7.7+2

▶NVDapple/macos13.0 — 13.7.7+2

▶CVEListV5apple/ipados< 17.7.9

▶NVDapple/ipados18.0 — 18.6+1

▶CVEListV5apple/ios_and_ipados< 18.6

🔴Vulnerability Details

CVEList

CVE-2025-43210: An out-of-bounds access issue was addressed with improved bounds checking↗2026-04-02

▶

GHSA

GHSA-836c-rhv9-3x5j: An out-of-bounds access issue was addressed with improved bounds checking↗2026-04-02

▶

📋Vendor Advisories

Apple

CVE-2025-43210: macOS Sequoia 15.6↗2025-07-29

▶

Apple

CVE-2025-43210: visionOS 2.6↗2025-07-29

▶

Apple

CVE-2025-43210: iPadOS 17.7.9↗2025-07-29

▶

Apple

CVE-2025-43210: macOS Sonoma 14.7.7↗2025-07-29

▶

Apple

CVE-2025-43210: iOS 18.6 and iPadOS 18.6↗2025-07-29

▶

🕵️Threat Intelligence

Wiz

CVE-2025-43210 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶