Cyber Posture

CVE-2025-43510

HighCISA KEVActive Exploitation

Published: 12 December 2025

Published
12 December 2025
Modified
03 April 2026
KEV Added
20 March 2026
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0030 53.6th percentile
Risk Priority 36 60% EPSS · 20% KEV · 20% CVSS

Description

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS…

more

26.1. A malicious application may cause unexpected changes in memory shared between processes.

Mitigating Controls (NIST 800-53 r5)AI

SI-16 Memory Protection good match
prevent

Implements controls to protect system memory from unauthorized access, modification, or deletion, directly mitigating memory corruption from improper lock state checking.

SC-39 Process Isolation good match
prevent

Isolates processes to prevent a malicious application from causing unexpected changes in shared memory between processes.

SC-4 Information in Shared System Resources good match
prevent

Prevents unauthorized and unintended information transfer via shared system resources such as memory exploited by this vulnerability.

Security SummaryAI

CVE-2025-43510 is a memory corruption vulnerability addressed by improved lock state checking in multiple Apple operating systems. It affects versions of iOS and iPadOS prior to 18.7.2 and 26.1, macOS Sequoia prior to 15.7.2, macOS Sonoma prior to 14.8.2, macOS Tahoe prior to 26.1, tvOS prior to 26.1, visionOS prior to 26.1, and watchOS prior to 26.1. The issue, associated with CWE-667 (Improper Locking), enables a malicious application to cause unexpected changes in memory shared between processes.

Exploitation requires local access (AV:L), low attack complexity (AC:L), no privileges (PR:N), and user interaction (UI:R), such as installing and running a malicious application. Attackers achieve high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) with no change in scope (S:U), resulting in a CVSS v3.1 base score of 7.8.

Apple's security advisories detail patches in the listed fixed versions across affected platforms. Mitigation involves updating to iOS 18.7.2 or 26.1, iPadOS 18.7.2 or 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, or watchOS 26.1, as described in support documents at https://support.apple.com/en-us/125632, https://support.apple.com/en-us/125633, https://support.apple.com/en-us/125634, https://support.apple.com/en-us/125635, and https://support.apple.com/en-us/125636.

Details

CWE(s)
CWE-667
KEV Date Added
20 March 2026

Affected Products

apple
ipados
26.0 · ≤ 18.7.2
apple
iphone os
26.0 · ≤ 18.7.2
apple
macos
26.0 · 14.0 — 14.8.2 · 15.0 — 15.7.2
apple
tvos
≤ 26.1
apple
visionos
≤ 26.1
apple
watchos
≤ 26.1

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Memory corruption in inter-process shared regions enables arbitrary code execution from a local unprivileged malicious application, directly facilitating exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References