AI description
CVE-2025-43356 is a vulnerability that exists in WebKit and affects multiple Apple products, including iOS and iPadOS, macOS Tahoe, tvOS, visionOS and watchOS. The vulnerability can be triggered by processing maliciously crafted web content, which may lead to an unexpected Safari crash. The root cause of this issue is related to improper memory handling. Apple addressed this vulnerability by improving the handling of caches.
- Description
- The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.
- Source
- product-security@apple.com
- NVD status
- Analyzed
- Products
- safari, ipados, iphone_os, macos, tvos, visionos, watchos
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-200
- Hype score
- Not currently trending
🚨 Unmasking #Apple's Latest Zero-Days: A Deep Dive into #CVE-2025-43356 and Proactive Defense Strategies https://t.co/vggXEXt9NV Educational Purposes!
@UndercodeUpdate
17 Sept 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Excited 🎉 to share that I have been credited with my 4th CVE from Apple: CVE-2025-43356. This issue was addressed in Apple’s new security releases of iOS 26, iPadOS 26, and Safari 26. #Apple #CVE #BugBounty #iOS #ApplicationSecurity #iOS26 https://t.co/CWHom5o7s2
@cybor_j
16 Sept 2025
7975 Impressions
14 Retweets
114 Likes
26 Bookmarks
6 Replies
0 Quotes
CVE-2025-43356 The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26… https://t.co/t8x0nJs1Cf
@CVEnew
16 Sept 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "213D326D-D8FB-4C0B-B3C9-D44E359F5765",
"versionEndExcluding": "26.0"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5006F7D9-931C-4C7A-960A-C46338855CBB",
"versionEndExcluding": "18.7"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "025344A4-9E22-44FD-AF62-67FE85D1C621",
"versionEndExcluding": "18.7"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39AFEC84-CF6E-4859-8B5A-C5CF3F838A94",
"versionEndExcluding": "26.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD4D5965-C1B7-4C82-AB16-BA4D41F2FBCA",
"versionEndExcluding": "26.0"
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E33744A8-68C0-4822-B08E-100911C18404",
"versionEndExcluding": "26.0"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66CF3395-7CC9-41FD-8419-815AC6022191",
"versionEndExcluding": "26.0"
}
],
"operator": "OR"
}
]
}
]