Input Validation Flaw in Apple Operating Systems
CVE-2025-43372

6.5MEDIUM

Key Information:

Vendor

Apple

Vendor
CVE Published:
15 September 2025

What is CVE-2025-43372?

An input validation vulnerability in several Apple operating systems could allow an attacker to craft a malicious media file that, when processed, may lead to unexpected app termination or corruption of process memory. Users are strongly advised to update their devices to the latest versions to mitigate risks associated with this issue.

Affected Version(s)

iOS and iPadOS < 26

macOS < 26

tvOS < 26

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.