CVE-2025-43359

Description

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.

CVSS v3.1 Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-670 CWE-670

Affected Products

Vendor	Product	Versions
apple	ipados	< 18.7
apple	iphone_os	< 18.7
apple	macos	14.0 — 14.8
apple	macos	15.0 — 15.7
apple	tvos	< 26.0
apple	visionos	< 26.0
apple	watchos	< 26.0

References

Advisories & Patches

https://support.apple.com/en-us/125108 https://support.apple.com/en-us/125109 https://support.apple.com/en-us/125111 https://support.apple.com/en-us/125112 https://support.apple.com/en-us/125114 https://support.apple.com/en-us/125115 https://support.apple.com/en-us/125116

Other References

https://support.apple.com/en-us/125110 http://seclists.org/fulldisclosure/2025/Sep/49 http://seclists.org/fulldisclosure/2025/Sep/53 http://seclists.org/fulldisclosure/2025/Sep/54 http://seclists.org/fulldisclosure/2025/Sep/55 http://seclists.org/fulldisclosure/2025/Sep/56 http://seclists.org/fulldisclosure/2025/Sep/57 http://seclists.org/fulldisclosure/2025/Sep/58

Frequently Asked Questions

What is CVE-2025-43359? +

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all interfaces. It has a CVSS v3.1 base score of 9.8 (CRITICAL).

How severe is CVE-2025-43359? +

CVE-2025-43359 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.

What products are affected by CVE-2025-43359? +

CVE-2025-43359 affects products from apple, specifically: ipados, iphone_os, macos, tvos, visionos, watchos. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2025-43359? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-24800

Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed …

CVE-2026-40942

The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior …

CVE-2025-29312 9.1

An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via …

CVE-2024-32971 9.0

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. …

CVE-2023-31211 8.8

Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials

CVE-2024-20480 8.6

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could …