Memory Corruption Issue in Apple Products
CVE-2025-43510
Key Information:
- Vendor
Apple
- Vendor
- CVE Published:
- 12 December 2025
Badges
What is CVE-2025-43510?
A memory corruption vulnerability exists within Apple's operating systems, which can be exploited by a malicious application. This vulnerability allows inter-process memory manipulation, potentially leading to unexpected behavior and system instability. Apple has addressed this issue by implementing improved lock state checking. Users are advised to update to the latest versions of the affected operating systems to mitigate risks associated with this vulnerability.
CISA has reported CVE-2025-43510
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-43510 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
iOS and iPadOS 0 < 18.7.2
iOS and iPadOS 0 < 26.1
macOS 0 < 14.8.2
News Articles
References
CVSS V3.1
Timeline
- π°
First article discovered by BleepingComputer
- πΎ
Exploit known to exist
- π¦
CISA Reported
Vulnerability published
Vulnerability Reserved