VDB
CVE-2025-43376
CVE-2025-43376
PUBLISHED
CVSS 6.800000190734863 MEDIUM
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to bypass Activation Lock.
EPSS 0.08% · 23.3th percentile
Risk Scores
CVSS 3.1
6.800000190734863
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
23.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | iOS and iPadOS | 0, 0 |
Exploit Intelligence
- https://support.apple.com/en-us/125884 (circl)
- https://support.apple.com/en-us/126793 (circl)
- CIRCL seen: CVE-2025-43534 (circl-sighting)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
…and 33 more exploits
Timeline
- Nov 4, 2025 EPSS Score
- Nov 4, 2025 CVE Published
- Nov 9, 2025 EPSS Score
- Nov 15, 2025 EPSS Score
- Nov 20, 2025 EPSS Score
- Nov 26, 2025 EPSS Score
- Dec 1, 2025 EPSS Score
- Dec 6, 2025 EPSS Score
- Dec 12, 2025 EPSS Score
- Dec 17, 2025 EPSS Score
- Dec 23, 2025 EPSS Score
- Dec 28, 2025 EPSS Score
References
- https://support.apple.com/en-us/126793 advisory
- https://support.apple.com/en-us/126794 advisory
- https://support.apple.com/en-us/126798 advisory
- https://support.apple.com/en-us/126800 advisory
- https://support.apple.com/en-us/126796 advisory
- https://support.apple.com/en-us/126792 advisory
- https://support.apple.com/en-us/126795 advisory
- https://support.apple.com/en-us/126799 advisory
- https://support.apple.com/en-us/126797 advisory
- https://support.apple.com/en-us/126801 advisory
- https://support.apple.com/en-us/125884 url