Apple macOS up to 18.4 Media File memory corruption

Summaryinfo

A vulnerability classified as critical was found in Apple macOS. This vulnerability affects unknown code of the component Media File Handler. Such manipulation leads to memory corruption. This vulnerability is listed as CVE-2025-43372. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in Apple macOS and classified as critical. Affected by this issue is an unknown function of the component Media File Handler. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Impacted is confidentiality, integrity, and availability. CVE summarizes:

The issue was addressed with improved input validation. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

The advisory is available at support.apple.com. This vulnerability is handled as CVE-2025-43372 since 04/16/2025. The exploitation is known to be easy. The attack may be launched remotely. No form of authentication is required for exploitation. Successful exploitation requires user interaction by the victim. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 11/05/2025).

The vulnerability scanner Nessus provides a plugin with the ID 272227 (macOS 14.x < 14.8.2 Multiple Vulnerabilities (125636)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 26.0 eliminates this vulnerability.

The vulnerability is also documented in the databases at Tenable (272227) and CERT Bund (WID-SEC-2025-2475). If you want to get best quality of vulnerability data, you may have to visit VulDB.

Affected

• Apple macOS

Productinfo

Type

• Operating System

Vendor

• Apple

Name

• macOS

Version

• 5.3
• 5.11
• 10.8.5
• 10.9.5
• 10.10
• 10.10.1
• 10.10.2
• 10.10.3
• 10.12
• 10.12.0
• 10.12.1
• 10.12.2
• 10.12.3
• 10.12.4
• 10.12.5
• 10.12.6
• 10.13
• 10.13.0
• 10.13.1
• 10.13.2
• 10.13.3
• 10.13.4
• 10.13.5
• 10.13.5 2018-003
• 10.13.6
• 10.14
• 10.14.1
• 10.14.2
• 10.14.4
• 10.14.5
• 10.14.6
• 10.15
• 10.15.0
• 10.15.1
• 10.15.2
• 10.15.3
• 10.15.4
• 10.15.5
• 10.15.6
• 10.15.7
• 11.0.1
• 11.1
• 11.2
• 11.2.1
• 11.2.3
• 11.3
• 11.3.1
• 11.4
• 11.5
• 11.6
• 11.6.6
• 11.7
• 11.7.3
• 11.7.5
• 11.7.9
• 12.0.1
• 12.1
• 12.2
• 12.2.1
• 12.3
• 12.3.1
• 12.4
• 12.5
• 12.5.1
• 12.6
• 12.6.2
• 12.6.3
• 12.6.4
• 12.6.7
• 12.6.8
• 12.7
• 12.7.1
• 12.7.5
• 12.7.6
• 13
• 13.0
• 13.1
• 13.2
• 13.2.1
• 13.3
• 13.3.0
• 13.3.1
• 13.4
• 13.4.1
• 13.5
• 13.6
• 13.6.0
• 13.6.1
• 13.6.2
• 13.6.4
• 13.6.5
• 13.6.7
• 13.6.8
• 13.7
• 14
• 14.0
• 14.1
• 14.2
• 14.3
• 14.4
• 14.5
• 14.6
• 14.7
• 14.8
• 15
• 15.1
• 15.2
• 15.3
• 15.4
• 15.5
• 15.6
• 15.7
• 16.7
• 17.4
• 17.5
• 18
• 18.1
• 18.2
• 18.4

License

• commercial

Website

• Vendor: https://www.apple.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion