Input Validation Flaw in Apple Operating Systems
CVE-2025-43347

9.8CRITICAL

Key Information:

Vendor: Apple
Status: iOS And iPad OS; TV OS; Visionos; Watch OS
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-43347?

An input validation flaw was identified and resolved in various Apple operating systems. This vulnerability posed risks that could have allowed malicious actors to exploit improperly validated user inputs. Apple has effectively addressed these issues in the latest versions, ensuring enhanced security and reducing potential threats across its product range.

Affected Version(s)

iOS and iPadOS < 26

macOS < 26

tvOS < 26

References

https://support.apple.com/en-us/125108

https://support.apple.com/en-us/125114

https://support.apple.com/en-us/125115

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Apr 16, 2025

JSON