AI description
CVE-2025-43400 is a vulnerability in Apple's font parser that can be triggered by processing a maliciously crafted font file. The vulnerability is an out-of-bounds write issue that can lead to unexpected application termination or corrupt process memory. The vulnerability has been addressed with improved bounds checking in macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, macOS Sequoia 15.7.1, visionOS 26.0.1, iOS 26.0.1 and iPadOS 26.0.1, iOS 18.7.1 and iPadOS 18.7.1. Users are advised to apply the relevant updates promptly.
- Description: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, macOS Sequoia 15.7.1, visionOS 26.0.1, iOS 26.0.1 and iPadOS 26.0.1, iOS 18.7.1 and iPadOS 18.7.1. Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.
- Source: product-security@apple.com
- NVD status: Analyzed
- Products: ipados, iphone_os, macos, visionos
CVSS 3.1
- Type: Secondary
- Base score: 6.3
- Impact score: 3.4
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
- Severity: MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 1
Apple patches critical font parser flaw CVE-2025-43400 across platforms. Rising threats include Gemini AI risks, Medusa ransomware targeting Asahi, and state-backed phishing by APT35. Enforcement hits Bitcoin Queen. #Japan #GeminiAI #BitcoinQueen https://t.co/xwlrhNDbQt
@TweetThreatNews
1 Oct 2025
451 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple has closed a malicious vulnerability in iOS/iPadOS/macOS 26.0.1. The company shared a Support document stating that a vulnerability in the FontParser function has been fixed
@aaplpro
30 Sept 2025
757 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🍏 Security Update for Apple OS! 🔹 A critical vulnerability (CVE-2025-43400) was found in FontParser. 🔹 A malicious font could cause unexpected app crashes or memory damage. 🔹 Apple has patched this issue in iOS / iPadOS / macOS 26.0.1 and strongly recommends updating
@Solmeenaa
30 Sept 2025
186 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🍏 Security update for Apple operating systems! 🔹 A dangerous security hole (CVE-2025-43400) had been found in the font processing component, i.e. FontParser. 🔹 This bug could, with a font
@AppleFarsii
30 Sept 2025
7401 Impressions
0 Retweets
59 Likes
9 Bookmarks
6 Replies
1 Quote
⚠️ CVE-2025-43400: #Apple fixes a critical vulnerability in font processing. 🔗 https://t.co/hQ4EQ2Fxhy Update. https://t.co/8lAK96jG0V
@sonoclaudio
30 Sept 2025
322 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Breaking down the patch for CVE-2025-43400, a FontParser vulnerability in the latest macOS Tahoe and iOS 26.0.1 update. The issue: A malicious font could cause an out-of-bounds write, leading to memory corruption. Let's look at the fix. 🧵
@minacrissDev_
30 Sept 2025
883 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Malicious fonts can probably be used in attacks on iPhone users. Update to iOS 18.7.1 CVE-2025-43400: "Impact: Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory"
@Sekurak
30 Sept 2025
5550 Impressions
12 Retweets
44 Likes
7 Bookmarks
1 Reply
1 Quote
Apple releases iOS 26.0.1 & iPadOS 26.0.1! Fixes CVE-2025-43400 in FontParser, preventing app crashes & memory corruption with improved bounds checking. Update now to stay secure! #iOS26 #Apple #SecurityUpdate Source: https://t.co/TJstykccmn
@shekhardotin
30 Sept 2025
543 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple Patches Single Vulnerability CVE-2025-43400, (Mon, Sep 29th) https://t.co/uNM8HQ4oYV #SANS #Cybersecurity https://t.co/KsRZOH0uTv
@PoseidonTPA
29 Sept 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-43400 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, macOS Sequoia 15.7.1, vision… https://t.co/ZP4kKnxrob
@CVEnew
29 Sept 2025
235 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79FB7B26-6049-4918-A1B2-60563ABE6D2A",
            "versionEndExcluding": "18.7.1"
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:26.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4173F942-2CF6-447E-A942-948F6EF6CE77"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EC6C4E6-522F-463A-97B7-BD6F973415AF",
            "versionEndExcluding": "18.7.1"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:26.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E29A276A-7091-42B2-B893-6A5801A0716E"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E2C7BB5-172D-4BBE-90CF-0FCBC72A2193",
            "versionEndExcluding": "14.8.1",
            "versionStartIncluding": "14.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BF57375-8F19-4CEB-B244-607C4F20AE5A",
            "versionEndExcluding": "15.7.1",
            "versionStartIncluding": "15.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:26.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "551159EE-8311-4A13-802D-85871DAB5E77"
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1CA1AF0-1A5A-4B3D-A2BA-0C6B98884795",
            "versionEndExcluding": "26.0.1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]