Full Report
Apple security advisory (AV25-722) – Update 1
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in Apple Products (Including KEV-listed flaws)
## CVE Details
- **CVE ID:** CVE-2025-43510, CVE-2025-43520 (Specifically highlighted in Update 1)
- **CVSS Score:** Not explicitly listed in the advisory (Typically High/Critical for KEV entries)
- **CWE:** Not specified in the source text
## Affected Systems
- **Products:** Safari, Xcode, iOS, iPadOS, macOS (Sequoia, Sonoma, Tahoe), tvOS, visionOS, watchOS.
- **Versions:**
- Safari: prior to 26.1
- Xcode: prior to 26.1
- iOS and iPadOS: prior to 26.1
- macOS Sequoia: prior to 15.7.2
- macOS Sonoma: prior to 14.8.2
- macOS Tahoe: prior to 26.1
- tvOS: prior to 26.1
- visionOS: prior to 26.1
- watchOS: prior to 26.1
- **Configurations:** General installation of the listed operating systems and software.
## Vulnerability Description
Technical details for the specific CVEs (CVE-2025-43510 and CVE-2025-43520) are not detailed in the summary text; however, their inclusion in the CISA Known Exploited Vulnerabilities (KEV) catalog indicates they are critical flaws that allow for unauthorized actions, likely involving remote code execution (RCE) or memory corruption within Apple's ecosystem components.
## Exploitation
- **Status:** **Exploited in the wild.** (Added to CISA KEV Database on March 20, 2026).
- **Complexity:** Typically Low to Medium for KEV-listed vulnerabilities.
- **Attack Vector:** Likely Network or Local (depending on the specific component).
## Impact
- **Confidentiality:** High (Potential for data exfiltration)
- **Integrity:** High (Potential for unauthorized modifications)
- **Availability:** High (Potential for system instability or denial of service)
## Remediation
### Patches
Apple has released the following versions to address these flaws:
- **Safari:** 26.1
- **Xcode:** 26.1
- **iOS/iPadOS:** 26.1
- **macOS Sequoia:** 15.7.2
- **macOS Sonoma:** 14.8.2
- **macOS Tahoe:** 26.1
- **tvOS/visionOS/watchOS:** 26.1
### Workarounds
No specific workarounds are provided; immediate patching is the recommended course of action for KEV-listed vulnerabilities.
## Detection
- **Indicators of compromise:** Unusual system crashes, unauthorized process execution, or unexpected network traffic to unknown domains.
- **Detection methods and tools:** Monitor for outdated OS versions using Mobile Device Management (MDM) tools and verify patch levels against the CISA KEV database requirements.
## References
- Apple Security Updates: hxxps[://]support[.]apple[.]com/en-us/100100
- CISA KEV (CVE-2025-43510): hxxps[://]www[.]cisa[.]gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-43510
- CISA KEV (CVE-2025-43520): hxxps[://]www[.]cisa[.]gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-43520
- Original Advisory: hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/apple-security-advisory-av25-722