CVE-2025-43365

Published Nov 4, 2025

Last updated 24 days ago

CVSS low 2.8

Overview

Description: A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26 and iPadOS 26. An unprivileged process may be able to terminate a root processes.
Source: product-security@apple.com
NVD status: Modified
Products: ipados, iphone_os

Risk scores

CVSS 3.1

Type: Secondary
Base score: 2.8
Impact score: 1.4
Exploitability score: 1.3
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Severity: LOW

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C4221CFD-0208-42B8-AACA-1BE6AEC3BA9A",
            "versionEndExcluding": "26.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "68DCA17A-424E-4EE3-B005-0F2E42407226",
            "versionEndExcluding": "26.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References