CVE-2025-43372

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Apple tvOS versions prior to 26 Apple watchOS versions prior to 26 Apple visionOS versions prior to 26 Apple macOS versions prior to Tahoe 26 Apple iOS versions prior to 26 Apple iPadOS versions prior to 26

Description Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory due to insufficient input validation.

Recommendations Update Apple tvOS to version 26 or later. Update Apple watchOS to version 26 or later. Update Apple visionOS to version 26 or later. Update Apple macOS to version Tahoe 26 or later. Update Apple iOS to version 26 or later. Update Apple iPadOS to version 26 or later.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-11303

CVE-2025-43372

Affected Products

Apple Macos

Ios

Ipados

Tvos

Visionos

Watchos

CVE-2025-43372

Weakness Enumeration

Related Identifiers

Affected Products

References · 25