Race Condition Vulnerability in Apple Products and Services
CVE-2025-43531

3.1LOW

Key Information:

Vendor: Apple
Status: iOS And iPad OS; TV OS; Safari; Visionos
Vendor: CVE Published:; 17 December 2025

What is CVE-2025-43531?

A race condition vulnerability has been identified in various Apple products, allowing maliciously crafted web content to potentially cause an unexpected process crash. This issue has been addressed with improved state handling, affecting platforms such as watchOS, iOS, macOS, and Safari. Ensuring systems are updated to the latest versions is essential for mitigating the risk associated with this vulnerability.

Affected Version(s)

iOS and iPadOS < 18.7

iOS and iPadOS < 26.2

macOS < 26.2

References

https://support.apple.com/en-us/125885

https://support.apple.com/en-us/125889

https://support.apple.com/en-us/125892

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 17, 2025
Vulnerability Reserved
Apr 16, 2025

JSON