CVE-2025-43510
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-12
Last updated on: 2026-04-03
Assigner: Apple Inc.
Description
Description
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpected changes in memory shared between processes.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ipados | to 18.7.2 (exc) |
| apple | ipados | 26.0 |
| apple | iphone_os | to 18.7.2 (exc) |
| apple | iphone_os | 26.0 |
| apple | macos | From 14.0 (inc) to 14.8.2 (exc) |
| apple | macos | From 15.0 (inc) to 15.7.2 (exc) |
| apple | macos | 26.0 |
| apple | tvos | to 26.1 (exc) |
| apple | visionos | to 26.1 (exc) |
| apple | watchos | to 26.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-667 | The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. |
| CWE-362 | The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently. |
