Out-of-Bounds Access Vulnerability in Apple Media Processing
CVE-2025-43221

7.1HIGH

Key Information:

Vendor: Apple
Status: Mac OS; TV OS; Visionos; iOS And iPad OS
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-43221?

An out-of-bounds access issue where the improper handling of maliciously crafted media files could lead to unexpected behavior in applications, including abrupt termination or potential memory corruption. This vulnerability has been addressed in the latest versions of macOS, iOS, iPadOS, visionOS, and tvOS through enhanced bounds checking.

Affected Version(s)

iOS and iPadOS < 18.6

macOS < 15.6

tvOS < 18.6

References

https://support.apple.com/en-us/124149

https://support.apple.com/en-us/124153

https://support.apple.com/en-us/124154

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025