Out-of-Bounds Access Vulnerability in Apple Media Processing
CVE-2025-43221

7.1HIGH

Key Information:

Vendor

Apple

Vendor
CVE Published:
30 July 2025

What is CVE-2025-43221?

An out-of-bounds access issue where the improper handling of maliciously crafted media files could lead to unexpected behavior in applications, including abrupt termination or potential memory corruption. This vulnerability has been addressed in the latest versions of macOS, iOS, iPadOS, visionOS, and tvOS through enhanced bounds checking.

Affected Version(s)

iOS and iPadOS < 18.6

macOS < 15.6

tvOS < 18.6

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

.