Apple macOS up to 18.4 App denial of service

Summaryinfo

A vulnerability identified as problematic has been detected in Apple macOS. This affects an unknown function of the component App. This manipulation causes denial of service. This vulnerability is tracked as CVE-2025-43355. The attack is restricted to local execution. No exploit exists. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in Apple macOS. It has been declared as problematic. Affected by this vulnerability is some unknown functionality of the component App. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. The summary by CVE is:

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause a denial-of-service.

The advisory is shared at support.apple.com. This vulnerability is known as CVE-2025-43355 since 04/16/2025. The exploitation appears to be easy. An attack has to be approached locally. Neither technical details nor an exploit are publicly available.

Upgrading to version 26.0 eliminates this vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Type

• Operating System

Vendor

• Apple

Name

• macOS

Version

• 5.3
• 5.11
• 10.8.5
• 10.9.5
• 10.10
• 10.10.1
• 10.10.2
• 10.10.3
• 10.12
• 10.12.0
• 10.12.1
• 10.12.2
• 10.12.3
• 10.12.4
• 10.12.5
• 10.12.6
• 10.13
• 10.13.0
• 10.13.1
• 10.13.2
• 10.13.3
• 10.13.4
• 10.13.5
• 10.13.5 2018-003
• 10.13.6
• 10.14
• 10.14.1
• 10.14.2
• 10.14.4
• 10.14.5
• 10.14.6
• 10.15
• 10.15.0
• 10.15.1
• 10.15.2
• 10.15.3
• 10.15.4
• 10.15.5
• 10.15.6
• 10.15.7
• 11.0.1
• 11.1
• 11.2
• 11.2.1
• 11.2.3
• 11.3
• 11.3.1
• 11.4
• 11.5
• 11.6
• 11.6.6
• 11.7
• 11.7.3
• 11.7.5
• 11.7.9
• 12.0.1
• 12.1
• 12.2
• 12.2.1
• 12.3
• 12.3.1
• 12.4
• 12.5
• 12.5.1
• 12.6
• 12.6.2
• 12.6.3
• 12.6.4
• 12.6.7
• 12.6.8
• 12.7
• 12.7.1
• 12.7.5
• 12.7.6
• 13
• 13.0
• 13.1
• 13.2
• 13.2.1
• 13.3
• 13.3.0
• 13.3.1
• 13.4
• 13.4.1
• 13.5
• 13.6
• 13.6.0
• 13.6.1
• 13.6.2
• 13.6.4
• 13.6.5
• 13.6.7
• 13.6.8
• 13.7
• 14
• 14.0
• 14.1
• 14.2
• 14.3
• 14.4
• 14.5
• 14.6
• 14.7
• 14.8
• 15
• 15.1
• 15.2
• 15.3
• 15.4
• 15.5
• 15.6
• 15.7
• 16.7
• 17.4
• 17.5
• 18
• 18.1
• 18.2
• 18.4

License

• commercial

Website

• Vendor: https://www.apple.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion