- Description
- The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- ipados, iphone_os
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-200
- Hype score
- Not currently trending
Over 1,045 vulnerabilities surfaced Sept 10–16, 2025, with 135+ public PoCs speeding exploits. Critical flaws impact Apple OS, Zimbra, Samsung Android, Adobe Commerce, and DELMIA Apriso. #CVE-2025-43362 #ZeroDay #AppleOS https://t.co/mqzp8uMK3e
@TweetThreatNews
21 Sept 2025
149 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I'm curious about details of CVE-2025-43362. Monitor how, in its own context and sandbox, or outside of sandbox? If the latter is the case, then this is very interesting. "Impact: An app may be able to monitor keystrokes without user permission" https://t.co/Txwh98mMW3
@hkashfi
16 Sept 2025
632 Impressions
0 Retweets
12 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-43362 The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without … https://t.co/WX78EyTbG9
@CVEnew
16 Sept 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5006F7D9-931C-4C7A-960A-C46338855CBB",
"versionEndExcluding": "18.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "025344A4-9E22-44FD-AF62-67FE85D1C621",
"versionEndExcluding": "18.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]