PT-2025-44901 · Apple+4 · Tvos+10

Aleksejs Popovs

Publicado

2024-10-14

Atualizado

2026-01-20

CVE-2025-43480

CVSS v2.0

9.4

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.1 visionOS versions prior to 26.1 watchOS versions prior to 26.1 iOS versions prior to 26.1 iPadOS versions prior to 26.1 tvOS versions prior to 26.1

Description A malicious website may be able to exfiltrate data cross-origin due to insufficient checks. The issue was addressed with improved checks.

Recommendations Update Safari to version 26.1. Update visionOS to version 26.1. Update watchOS to version 26.1. Update iOS to version 26.1. Update iPadOS to version 26.1. Update tvOS to version 26.1.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-942

Identificadores relacionados

ALSA-2025:22789

ALSA-2025:22790

BDU:2025-13967

CVE-2025-43480

DSA-5792-1

OPENSUSE-SU-2026:20065-1

RHSA-2024:8180

RHSA-2024:8492

RHSA-2024:8496

RHSA-2024:9553

RHSA-2024:9636

RHSA-2024:9646

RHSA-2024:9653

RHSA-2024:9679

RHSA-2024:9680

RHSA-2025:10364

SUSE-SU-2025:4416-1

SUSE-SU-2025:4423-1

SUSE-SU-2026:0021-1

SUSE-SU-2026:20102-1

Produtos afetados

Almalinux

Centos

Debian

Apple Macos

Red Hat

Safari

Ios

Ipados

Tvos

Visionos

Watchos

PT-2025-44901 · Apple+4 · Tvos+10

CVE-2025-43480

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 134