CVE-2025-43277

HIGH 7.8 (CVSS 3.1)
2025-07-30

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Apr 02, 2026 - 19:37 (vuln.today)
CVE Published: Jul 30, 2025 - 00:15 (nvd), HIGH 7.8

Description

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption.

Analysis

Memory corruption in Apple's audio processing framework across iOS, macOS, tvOS, visionOS, and watchOS allows local attackers to achieve arbitrary code execution by tricking users into opening malicious audio files. The issue is fixed in iOS/iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, and watchOS 11.6. Despite a high CVSS score of 7.8, the 2% EPSS probability indicates a low predicted likelihood of exploitation. No public exploit had been identified at the time of analysis, and the CVE is not listed in CISA KEV.

Technical Context

This vulnerability is classified as CWE-119 (improper restriction of operations within the bounds of a memory buffer), the class that covers buffer overflows, and sits in Apple's audio file parsing subsystem, which is shared across macOS, iOS, iPadOS, tvOS, visionOS, and watchOS. Audio file parsers are notoriously complex because of the variety of codec formats, container structures, and metadata fields they must handle. The memory handling flaw likely occurs during the parsing or decoding phase, when the parser processes specially crafted audio file headers, metadata chunks, or compressed audio streams. Buffer overflows in media parsers can allow attackers to overwrite adjacent memory regions with controlled data, potentially hijacking program execution flow. Although the CPE data names only macOS (cpe:2.3:o:apple:macos), Apple's simultaneous patching across all of its operating systems suggests the vulnerable code exists in a shared framework, potentially the AudioToolbox or Core Audio components that handle format detection and decoding on all Apple platforms.

Affected Products

Apple iOS and iPadOS versions prior to 18.6, macOS Sequoia versions prior to 15.6, macOS Sonoma versions prior to 14.8, tvOS versions prior to 18.6, visionOS versions prior to 2.6, and watchOS versions prior to 11.6 are affected by this memory corruption vulnerability in audio file processing components. The CPE identifier cpe:2.3:o:apple:macos covers the macOS variants, though the vulnerability spans Apple's entire operating system ecosystem as evidenced by simultaneous security advisories. Vendor security bulletins are available at support.apple.com/en-us/124147 through 124155 for various platforms, with the comprehensive advisory at support.apple.com/en-us/125112.

Remediation

Apply vendor-released patches immediately by updating to iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, or watchOS 11.6 as appropriate for your platform. Apple addressed the vulnerability through improved memory handling in the audio processing framework. Installation instructions and update packages are available through standard Apple Software Update mechanisms or from the security advisories at support.apple.com/en-us/125112 and related platform-specific bulletins (124147, 124149, 124153, 124154, 124155). As an interim mitigation until patching is complete, users should avoid opening audio files from untrusted sources or unknown senders, though this workaround is not a substitute for applying the security update. Organizations should prioritize patching user-facing devices where employees regularly handle external media files, particularly in creative, media production, or customer support roles.
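To turn the fixed-version list above into a patch check, the following added example (not code from vuln.today or Apple) classifies a device inventory against those releases. The CSV layout, the hostnames and the "unlisted" status for macOS branches the page names no fix for are assumptions of this example.

```python
import csv
import io

# Fixed releases exactly as listed on this page for CVE-2025-43277.
FIXED = {
    "ios": [(18, 6)], "ipados": [(18, 6)], "tvos": [(18, 6)],
    "visionos": [(2, 6)], "watchos": [(11, 6)],
    "macos": [(14, 8), (15, 6)],  # Sonoma and Sequoia branches
}

# Constructed sample inventory (hypothetical hosts, e.g. an MDM export).
SAMPLE = """host,platform,version
mac-edit-01,macOS,15.5
mac-edit-02,macOS,15.6.1
mac-sup-03,macOS,14.7.6
mac-old-04,macOS,13.7
ipad-kiosk-05,iPadOS,18.6
watch-06,watchOS,11.5
"""

def classify(platform, version):
    """Return 'patched', 'vulnerable', 'unlisted' or 'unknown'."""
    fixes = FIXED.get(platform.strip().lower())
    if fixes is None:
        return "unknown"              # platform not covered by the advisory
    try:
        v = tuple(int(p) for p in version.strip().split("."))
    except ValueError:
        return "unknown"              # unparseable version string
    for fix in fixes:
        if v[0] == fix[0]:            # same major branch as a listed fix
            return "patched" if v >= fix else "vulnerable"
    if v > max(fixes):
        return "patched"              # newer major than any listed fix
    # Older major: single-branch platforms are "prior to" the fix; for
    # macOS the page names no fixed release for branches below Sonoma.
    return "vulnerable" if len(fixes) == 1 else "unlisted"

def audit(csv_text):
    """Return (host, status) for every device that is not patched."""
    rows = csv.DictReader(io.StringIO(csv_text.strip()))
    results = [(r["host"], classify(r["platform"], r["version"])) for r in rows]
    return [(host, status) for host, status in results if status != "patched"]

if __name__ == "__main__":
    for host, status in audit(SAMPLE):
        print(f"{host}: {status}")
```

Devices reported as "unlisted" or "unknown" need a manual check against Apple's bulletins rather than being assumed safe.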

Priority Score

39
KEV: 0
EPSS: +0.0
CVSS: +39
POC: 0
