anonhaven
Ad

CVE-2025-43510

HIGH CVSS 3.1: 7.8 EPSS 0.30% ACTIVE EXPLOIT
Updated Apr 03, 2026
Apple

CISA Known Exploited Vulnerability (KEV)

This vulnerability is actively exploited in the wild. Immediate patching is strongly recommended.

Due Date: Apr 03, 2026

Parameter Value
CVSS 7.8 (HIGH)
Affected Versions 14.0 — 26.1
Fixed In 18.7.2
Type CWE-667, CWE-362 (Race Condition)
Vendor Apple
Public PoC Yes

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpected changes in memory shared between processes.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
Required
User action required

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-667
CWE-362 Race Condition

Vulnerable Products 10

Configuration From (including) Up to (excluding)
Apple Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
 18.7.2
Apple Ipados
cpe:2.3:o:apple:ipados:26.0:*:*:*:*:*:*:*
Apple Iphone_Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
 18.7.2
Apple Iphone_Os
cpe:2.3:o:apple:iphone_os:26.0:*:*:*:*:*:*:*
Apple Macos
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
 14.0 14.8.2
Apple Macos
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
 15.0 15.7.2
Apple Macos
cpe:2.3:o:apple:macos:26.0:*:*:*:*:*:*:*
Apple Tvos
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
 26.1
Apple Visionos
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
 26.1
Apple Watchos
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
 26.1

References 10

https://support.apple.com/en-us/125632
product-security@apple.com
https://support.apple.com/en-us/125633
product-security@apple.com
https://support.apple.com/en-us/125634
product-security@apple.com
https://support.apple.com/en-us/125635
product-security@apple.com
https://support.apple.com/en-us/125636
product-security@apple.com
https://support.apple.com/en-us/125637
product-security@apple.com
https://support.apple.com/en-us/125638
product-security@apple.com
https://support.apple.com/en-us/125639
product-security@apple.com
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-…
134c704f-9b21-4f2e-91b3-4a467353bcc0
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025…
134c704f-9b21-4f2e-91b3-4a467353bcc0
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-6318

Linux

8.8

CVE-2026-6317

Linux

8.8

CVE-2026-6316

Linux

8.8

CVE-2026-6314

Linux

8.3

CVE-2026-6313

Linux

3.1