Exposures › CVE-2025-43520
Apple's iOS/macOS family contains a classic buffer overflow vulnerability actively exploited by ransomware groups.
A classic buffer overflow in Apple's iOS, macOS, and related OSes allows malicious apps to crash systems or write to kernel memory, creating a high-risk attack surface for DIB vendors relying on Apple hardware/software. This vulnerability is actively exploited in the wild, requiring immediate patching and supply chain vetting to prevent unauthorized access to sensitive data.
Shame score — While not a zero-day, the active exploitation of a classic buffer overflow in widely used Apple products poses significant supply chain risk for DIB organizations.
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory.
No correlated FedRAMP products.