Zero Day MonitorZDM

← Back to list

6.3

CVE-2025-43210EXPLOITEDPATCHED

apple · ios

CVE-2025-43210: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18

Description

A vulnerability categorized as problematic has been discovered in Apple iOS and iPadOS. Affected by this vulnerability is an unknown functionality of the component Media File Handler. Such manipulation leads to out-of-bounds read. The attack can be launched remotely.

Affected Products

Vendor	Product	Versions
apple	ios	0, 0, 0, 0, 0, 0, 0, 0

References

Related News (4 articles)

Tier C

VulDB14h ago

CVE-2025-43210 | Apple watchOS Media File out-of-bounds

→ No new info (linked only)

Tier C

VulDB14h ago

CVE-2025-43210 | Apple visionOS Media File out-of-bounds

→ No new info (linked only)

Tier C

VulDB14h ago

CVE-2025-43210 | Apple tvOS Media File out-of-bounds

→ No new info (linked only)

Tier C

VulDB14h ago

CVE-2025-43210 | Apple iOS/iPadOS Media File out-of-bounds

→ No new info (linked only)

CVSS 3.16.3 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

18.617.7.913.7.714.7.715.62.611.6

PublishedApr 2, 2026

Last enriched14h agov5

Tags

tvOSmedia fileout-of-bounds

Trending Score46

Source articles4

Independent1

Info Completeness8/14

Missing: epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-20700EXPKEV

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memo

CRITICALCVE-2024-44219EXP

CVE-2024-44219: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious a

NONECVE-2025-43202EXP

CVE-2025-43202: This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 1

HIGHCVE-2024-40849EXP

CVE-2024-40849: A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able

HIGHCVE-2024-44286EXP

CVE-2024-44286: This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 2, 2026

Actively Exploited

Apr 2, 2026

Patch Available

Apr 2, 2026

Discovered by ZDM

Apr 2, 2026

Updated: description, tags

Apr 2, 2026

Updated: description, activelyExploited, tags

Apr 2, 2026

Updated: description

Apr 2, 2026

Updated: description, severity

Apr 2, 2026

Version History

v5

Last enriched 14h ago

v5Tier C14h ago

Updated description with new technical details, changed severity to HIGH, and added relevant tags.

descriptionseverity

via VulDB

v4Tier C14h ago

Updated description with more technical detail, marked exploit availability as false, and noted that the vulnerability is actively exploited.

description

via VulDB

v3Tier C14h ago

Updated description with new technical details, marked as actively exploited, and added new tags related to media file and out-of-bounds.

descriptionactivelyExploitedtags

via VulDB

v2Tier C14h ago

Updated description with new technical details and corrected exploit availability to false.

descriptiontags

via VulDB

v116h ago

Initial creation