Description
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. A non-privileged user may be able to modify restricted network settings.
Published: 2025-07-29
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service and unauthorized network setting modification
Action: Patch immediately
AI Analysis

Impact

A flaw in Apple’s operating systems around input validation allows a non‑privileged user to cause a denial‑of‑service crash and modify restricted network settings, affecting device availability and potentially allowing traffic redirection. Apple’s iOS 18.6, iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, and watchOS 11.6 have been patched; all earlier releases remain vulnerable. The CVSS score of 7.5 classifies it as high severity, yet the EPSS score below 1% indicates unlikely exploitation today. The flaw is not in the CISA KEV catalog. The likely attack vector is local, requiring the attacker to be present on the device or run an application that can supply crafted input; an attacker can crash the device or alter network configurations and, when the system restarts, restore connectivity or redirect traffic.

Affected Systems

Apple’s iOS 18.6, iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, and watchOS 11.6 have been patched; all older releases remain vulnerable.

Risk and Exploitability

The CVSS score of 7.5 classifies it as high severity, yet the EPSS score below 1% indicates unlikely exploitation today. The flaw is not in the CISA KEV catalog. The likely attack vector is local, requiring the attacker to be present on the device or run an application that can supply crafted input; an attacker can crash the device or alter network configurations and, when the system restarts, restore connectivity or redirect traffic.

Generated by OpenCVE AI on April 28, 2026 at 18:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade all Apple devices to the latest patched OS versions listed (iOS 18.6, iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6).
  • Reboot each device immediately after installing the update to ensure all changes take effect.
  • Until the update is completed, use device management tools to restrict network configuration rights for non‑admin users, preventing unprivileged accounts from modifying network settings.

Generated by OpenCVE AI on April 28, 2026 at 18:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-23059 A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings.
History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings. A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. A non-privileged user may be able to modify restricted network settings.

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 31 Jul 2025 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple iphone Os
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple iphone Os

Wed, 30 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 30 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Apple macos Ventura
Apple tvos
Apple visionos
Apple watchos
Vendors & Products Apple
Apple ios
Apple ipados
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Apple macos Ventura
Apple tvos
Apple visionos
Apple watchos

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings.
References

Subscriptions

Apple Ios Ipados Iphone Os Macos Macos Sequoia Macos Sonoma Macos Ventura Tvos Visionos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:49.756Z

Reserved: 2025-04-16T15:24:37.090Z

Link: CVE-2025-43223

cve-icon Vulnrichment

Updated: 2025-07-30T13:20:25.254Z

cve-icon NVD

Status : Modified

Published: 2025-07-30T00:15:34.363

Modified: 2026-04-02T19:20:08.023

Link: CVE-2025-43223

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T19:00:20Z

Weaknesses