Description
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Published: 2025-07-29
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Memory corruption and possible denial of service
Action: Apply patch
AI Analysis

Impact

An out-of-bounds access flaw has been identified in the media handling component of Apple operating systems. The issue allows a maliciously crafted media file to bypass bounds checks and write beyond the intended buffer. Processing such a file can trigger an unexpected application termination or corrupt the memory of the process that handled it, potentially affecting data integrity. The flaw is described as a buffer overwrite that could lead to memory corruption but does not provide a path to arbitrary code execution.

Affected Systems

The vulnerability impacts Apple platforms: iOS, iPadOS, macOS, tvOS, and visionOS. The official Apple support pages show that the fix is included in iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, and visionOS 2.6. Devices running earlier releases of these operating systems are therefore considered vulnerable. The CVE description does not list specific earlier version numbers, so it is inferred that any version prior to the fixed releases is affected.

Risk and Exploitability

The CVSS score of 7.1 classifies the vulnerability as high severity. The EPSS score of less than 1% indicates a very low likelihood of exploitation at present, and the flaw is not listed in the CISA KEV catalog. The most plausible attack vector involves delivering a malformed media file to the device (for example, through an email attachment, a compromised download, or streaming content) that is then processed by the operating system. The vulnerability requires the file to be parsed by the media component; it does not currently allow arbitrary code execution or compromise the device at the network level.

Generated by OpenCVE AI on April 28, 2026 at 18:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest updates (iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, and visionOS 2.6) to install the bounds-checking fix.
  • Avoid opening or executing untrusted media files while the update is pending.
  • Limit automatic media opening or restrict media file processing permissions in the system settings to reduce exposure until the patch is applied.

Advisories
Source: EUVD
ID: EUVD-2025-23119
Title: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

History

Tue, 28 Apr 2026 19:00:00 +0000

Type: Title
Values Added: Out-of-Bounds Media Handling Access Causing App Termination or Memory Corruption

Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values Removed: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Values Added: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Mon, 03 Nov 2025 20:30:00 +0000


Thu, 31 Jul 2025 20:00:00 +0000

Type: First Time appeared
Values Added: Apple iphone Os, Apple tvos

Type: CPEs
Values Added:
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Apple iphone Os, Apple tvos

Wed, 30 Jul 2025 19:15:00 +0000

Type: Metrics
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 30 Jul 2025 18:30:00 +0000

Type: Weaknesses
Values Added: CWE-787

Type: Metrics
Values Added: cvssV3_1
{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H'}


Wed, 30 Jul 2025 11:15:00 +0000

Type: First Time appeared
Values Added: Apple, Apple ios, Apple ipados, Apple macos, Apple macos Sequoia, Apple visionos

Type: Vendors & Products
Values Added: Apple, Apple ios, Apple ipados, Apple macos, Apple macos Sequoia, Apple visionos

Tue, 29 Jul 2025 23:45:00 +0000

Type: Description
Values Added: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:15:23.134Z

Reserved: 2025-04-16T15:24:37.090Z

Link: CVE-2025-43224

Vulnrichment

Updated: 2025-07-30T13:25:03.614Z

NVD

Status: Modified

Published: 2025-07-30T00:15:34.473

Modified: 2026-04-02T19:20:08.233

Link: CVE-2025-43224

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T18:45:15Z

Weaknesses