Cyber Resilience

CVE-2025-43202

High

Published: 02 April 2026
Modified: 03 April 2026
KEV Added: not listed (not currently in the CISA KEV catalog)
Patch: fixed in iOS 18.6, iPadOS 18.6 and macOS Sequoia 15.6
CVSS Score (v3.1): 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0041 (32.6th percentile)
Risk Priority: 55 (floored blend, peak EPSS)

Summary

CVE-2025-43202 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple iPadOS. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE is ranked at the 32.6th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-43202 is a memory corruption vulnerability (CWE-787: Out-of-bounds Write) affecting Apple's iOS, iPadOS, and macOS operating systems. The issue arises when processing a maliciously crafted file, which can trigger memory corruption due to inadequate memory handling. Apple addressed this flaw with improved memory management, fixing it in iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity.

Attackers can exploit this vulnerability remotely over the network without privileges by tricking a user into opening or processing a specially crafted file, such as via email attachments, messaging apps, or web downloads. Successful exploitation could result in high-impact confidentiality, integrity, and availability violations, potentially allowing arbitrary code execution, data theft, or system compromise on the targeted device.

Apple's security advisories (https://support.apple.com/en-us/124147 and https://support.apple.com/en-us/124149) confirm the vulnerability details and recommend immediate updates to iOS 18.6, iPadOS 18.6, or macOS Sequoia 15.6 to mitigate the issue. No additional workarounds are specified beyond applying the patches.

Vulnerability details

This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption.

CWE(s)

CWE-787: Out-of-bounds Write

Related Threats

MITRE ATT&CK Enterprise Techniques

T1203 - Exploitation for Client Execution (Execution): Adversaries may exploit software vulnerabilities in client applications to execute code.

T1204.002 - Malicious File (Execution): An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Memory corruption during processing of a crafted file enables client-side exploitation for code execution (T1203), which requires the user to open the malicious file (T1204.002).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-20616 (same product: Apple iPadOS)
CVE-2025-43300 (same product: Apple iPadOS)
CVE-2026-43656 (same product: Apple iPadOS)
CVE-2024-54523 (same product: Apple iPadOS)
CVE-2023-43010 (same product: Apple iPadOS)
CVE-2025-24257 (same product: Apple iPadOS)
CVE-2026-28941 (same product: Apple iPadOS)
CVE-2025-43209 (same product: Apple iPadOS)
CVE-2025-24118 (same product: Apple iPadOS)
CVE-2024-54522 (same product: Apple iPadOS)

Affected Assets

Vendor: apple, Product: ipados, Versions: ≤ 18.6
Vendor: apple, Product: iphone os, Versions: ≤ 18.6
Vendor: apple, Product: macos, Versions: ≤ 15.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

SI-16 Memory Protection (prevent)

Implements safeguards to protect system memory from unauthorized code execution, directly mitigating out-of-bounds write vulnerabilities like CVE-2025-43202.

SI-2 Flaw Remediation (prevent)

Requires timely flaw remediation through patching, addressing the memory corruption fixed in iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6.

Input validation (prevent)

Validates information inputs, such as maliciously crafted files, to prevent triggering inadequate memory handling during processing.

References

Apple security advisory: https://support.apple.com/en-us/124147
Apple security advisory: https://support.apple.com/en-us/124149