CVE-2025-43205_CVE-2025-43205

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Description

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass ASLR.

Basic Information

ID CVE-2025-43205

Source apple

Published Nov 12, 2025 at 00:20

Modified Nov 12, 2025 at 21:24

Affected Product

Vendor Apple

Product watchOS

Version unspecified

Affected Versions Apple watchOS unspecified
Apple tvOS unspecified
Apple iOS and iPadOS unspecified
Apple visionOS unspecified

CWE Classification

CWE-787

References

{
    "lastseen": "",
    "description": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass ASLR.",
    "published": "2025-11-12T00:20:52.053Z",
    "modified": "2025-11-12T21:24:06.784Z",
    "type": "cve",
    "title": "CVE-2025-43205",
    "source": "apple",
    "references": "https://support.apple.com/en-us/122376\nhttps://support.apple.com/en-us/122377\nhttps://support.apple.com/en-us/122371\nhttps://support.apple.com/en-us/122378",
    "id": "CVE-2025-43205",
    "bulletinFamily": "",
    "cwe": [
        "CWE-787"
    ],
    "cvelist": null,
    "sourceData": "Apple watchOS unspecified\nApple tvOS unspecified\nApple iOS and iPadOS unspecified\nApple visionOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "watchOS",
    "version": "unspecified",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}