CVE-2025-43510

HIGH

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpected changes in memory shared between processes.

CVSS v3.1 Score

7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Complexity
LOW
Privileges
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 12/12/2025Modified: 4/2/2026

Related Intelligence (1)

HIGHVulnerability

CISA KEV: Apple Multiple Products — Apple Multiple Products Improper Locking Vulnerability

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.

CVE-2025-43510Apple Multiple Products
CISA KEV

References (10)

https://support.apple.com/en-us/125632Release NotesVendor Advisoryhttps://support.apple.com/en-us/125633Release NotesVendor Advisoryhttps://support.apple.com/en-us/125634Release NotesVendor Advisoryhttps://support.apple.com/en-us/125635Release NotesVendor Advisoryhttps://support.apple.com/en-us/125636Release NotesVendor Advisoryhttps://support.apple.com/en-us/125637Release NotesVendor Advisoryhttps://support.apple.com/en-us/125638Release NotesVendor Advisoryhttps://support.apple.com/en-us/125639Release NotesVendor Advisoryhttps://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/Technical Descriptionhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43510US Government Resource