CVE-2025-43205

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass ASLR.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
appleCNA
---
---
CISA-ADPADP
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
appleipados
𝑥
< 18.4
appleiphone_os
𝑥
< 18.4
appletvos
𝑥
< 18.4
applevisionos
𝑥
< 2.4
applewatchos
𝑥
< 11.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122376
https://support.apple.com/en-us/122377
https://support.apple.com/en-us/122378