CVE-2025-43537
published 2026-02-11CVE-2025-43537: A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2. Restoring a…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCNIHAN
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_18.7.5_and_ipados | — | — |
| apple | ios_26.2_and_ipados | — | — |
| apple | ios_and_ipados | < 18.7.5 | 18.7.5 |
| apple | ios_and_ipados | < 26.2 | 26.2 |
| apple | ipados | < 18.7.5 | 18.7.5 |
| apple | iphone_os | < 18.7.5 | 18.7.5 |