CVE-2025-43510HIGH 7.8CISA KEVEPSS p26.5%

CVE-2025-43510Apple Multiple Products Improper Locking Vulnerability

Apple / Multiple Products

Description

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.

Scoring

CVSS 3.17.8 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.35% probability of exploitation · percentile 26.5% · 2026-06-19T12:03:05Z
Published2025-12-12
Last modified2026-04-03

CISA KEV entry

Added to KEV: 2026-03-20

Underlying weaknesses· 1

CWE-667

References

  1. https://support.apple.com/en-us/125632
  2. https://support.apple.com/en-us/125633
  3. https://support.apple.com/en-us/125634
  4. https://support.apple.com/en-us/125635
  5. https://support.apple.com/en-us/125636
  6. https://support.apple.com/en-us/125637
  7. https://support.apple.com/en-us/125638
  8. https://support.apple.com/en-us/125639

1

TypeTargetConfidenceTier
WeaknessImproper Lockingcwe-6670%live

(incoming)1

TypeTargetConfidenceTier
KEVEntryApple Multiple Products Improper Locking Vulnerabilitykev-cve-2025-435100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Apple Multiple Products Memory Corruption Vulnerability
CVE
Apple Multiple Products Classic Buffer Overflow Vulnerability
CVE
Apple Multiple Products Memory Initialization Vulnerability
CVE
Apple Multiple Products Use-After-Free Vulnerability
CVE
Apple Multiple Products Race Condition Vulnerability
CVE
Apple Multiple Products Buffer Overflow Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.