theinfosecnews

CVE-2025-43520

CISA KEV · Severity: high

Published March 20, 2026 · Updated April 3, 2026

What This Means

# CVE-2025-43520 — Apple Multi-Platform Buffer Overflow

A buffer overflow in Apple's operating systems (watchOS, iOS, iPadOS, macOS, visionOS, tvOS) allows a malicious app to overwrite kernel memory or crash the system. An attacker needs local code execution through a malicious application to exploit this; remote exploitation is not possible. Patch all affected Apple devices immediately by installing the latest OS versions from Apple's security updates.

Official Description

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory.

Affected Products

Vendor: Apple
Product: Multiple Products

Patch Status

Patch by 2026-04-03

Recommended Actions

  1. Check if your systems use any of the affected products listed above.
  2. Apply vendor patches immediately if available.
  3. This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
  4. Monitor vendor advisories for updates and additional mitigations.
  5. Review logs for indicators of compromise related to CVE-2025-43520.

Related Coverage

Vulnerability

CVE-2025-43520: Apple Multi-Platform Kernel Buffer Overflow Allows Memory Corruption Across Six Operating Systems

CVE-2025-43520 is a classic buffer overflow vulnerability affecting Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS that allows a malicious application to write to kernel memory or crash the system. Exploitation requires local code execution via a malicious app and cannot be triggered remotely without a separate delivery vector. CISA has added this flaw to its Known Exploited Vulnerabilities catalog with a federal patch deadline of April 3, 2026; all organizations should apply Apple's latest OS updates immediately.
