CVE-2025-43494_CVE-2025-43494

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. An attacker may be able to cause a persistent denial-of-service.

Basic Information

ID CVE-2025-43494

Source apple

Published Dec 12, 2025 at 20:56

Modified Dec 15, 2025 at 14:51

Affected Product

Vendor Apple

Product macOS

Version unspecified

Affected Versions Apple macOS unspecified
Apple macOS unspecified
Apple visionOS unspecified
Apple watchOS unspecified
Apple macOS unspecified
Apple iOS and iPadOS unspecified
Apple iOS and iPadOS unspecified

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. An attacker may be able to cause a persistent denial-of-service.",
    "published": "2025-12-12T20:56:47.563Z",
    "modified": "2025-12-15T14:51:07.150Z",
    "type": "cve",
    "title": "CVE-2025-43494",
    "source": "apple",
    "references": "https://support.apple.com/en-us/125636\nhttps://support.apple.com/en-us/125634\nhttps://support.apple.com/en-us/125638\nhttps://support.apple.com/en-us/125639\nhttps://support.apple.com/en-us/125635\nhttps://support.apple.com/en-us/125632\nhttps://support.apple.com/en-us/125633",
    "id": "CVE-2025-43494",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "Apple macOS unspecified\nApple macOS unspecified\nApple visionOS unspecified\nApple watchOS unspecified\nApple macOS unspecified\nApple iOS and iPadOS unspecified\nApple iOS and iPadOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "macOS",
    "version": "unspecified",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}