CVE-2025-43344
BaseFortify
Publication date: 2025-09-15
Last updated on: 2026-04-02
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ipados | to 26.0 (exc) |
| apple | iphone_os | to 26.0 (exc) |
| apple | macos | to 26.0 (exc) |
| apple | tvos | to 26.0 (exc) |
| apple | visionos | to 26.0 (exc) |
| apple | watchos | to 26.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds access issue that was addressed by improving bounds checking in certain Apple operating systems. It could allow an app to access memory outside of its intended boundaries, potentially causing unexpected system termination.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an app to cause unexpected system termination, which may lead to crashes or instability on affected devices running the vulnerable operating systems.
What immediate steps should I take to mitigate this vulnerability?
Update your devices to the fixed versions of the operating systems: tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26, and iPadOS 26 to address the out-of-bounds access issue and prevent unexpected system termination.