CVE-2025-43338

Summary

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Sonoma 14.8.4, macOS Tahoe 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOS0 < 26affected
ApplemacOS0 < 14.8.2affected
ApplemacOS0 < 14.8.4affected
ApplemacOS0 < 26affected

Weaknesses

  • Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References