CVE-2025-43534
published 2026-03-25CVE-2025-43534: A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with…
medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to bypass Activation Lock.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_26.2_and_ipados | — | — |
| apple | ios_and_ipados | < 18.7.7 | 18.7.7 |
| apple | ios_and_ipados | < 26.2 | 26.2 |
| apple | ipados | < 18.7.7 | 18.7.7 |
| apple | ipados | >= 26.0 < 26.2 | 26.2 |
| apple | iphone_os | < 18.7.7 | 18.7.7 |
| apple | iphone_os | >= 26.0 < 26.2 | 26.2 |